When not using the '-e' command line option to specify the encryption
certificate the auto-selected certificate wasn't being used during an
enrollment request, which resulted in failed requests.
If auto-selecting and the encert differed from the cacert it was
incorrectly using the cacert certificate.
When the '-e' option is used then encert will always be non-null, and
when auto-selecting the encert it will also be non-null. encert will
only be null if the '-e' flag is not used and the '-c' flag points to a
valid certificate (so no auto-selecting).
Fixed the problem by using encert if it is non-NULL, else using cacert.
gotthardp
commented
2 years ago
When not using the '-e' command line option to specify the encryption certificate the auto-selected certificate wasn't being used during an enrollment request, which resulted in failed requests. If auto-selecting and the encert differed from the cacert it was incorrectly using the cacert certificate. When the '-e' option is used then encert will always be non-null, and when auto-selecting the encert it will also be non-null. encert will only be null if the '-e' flag is not used and the '-c' flag points to a valid certificate (so no auto-selecting). Fixed the problem by using encert if it is non-NULL, else using cacert.