don't copy issuer to authorityKeyIdentifier
issuer contains the CA' serial number, thus making CA rollover trickier (you'd need to issue a new cert with the same serial). Having only keyid allows for easier CA rollover.
Showing
Please register or sign in to comment