certData gets filled in line 152.
The way I see it, certData just assigns the certificate's topic and data to a dictionary. So authorityKeyIdentifier might not be set or misspelled?
If you are checking the server certificate, it gets more complicated. Here getCertData from line 221 is run which runs openssl. Can you verify the output of this command line (with certificate as input)?
Here this logic is applied on the output:
If the previous line starts with "X509v3 Authority Key Identifier"
and the current line starts with " keyid:"
then "authorityKeyIdentifier" = line[10:].strip().upper()
openssl1 by Leap differs in output to openssl3 by EL.
Openssl3:
subject=C = DE, ST = MO, L = ABCDEF, O = DSRnet2, OU = OUmmon, CN = CNmmon CA
b423432
notBefore=Oct 6 00:00:00 2022 GMT
notAfter=Oct 5 23:59:59 2032 GMT
issuer=C = DE, ST = DHajajss, L = Radio City, O = Org Network, CN = CNmmon CA
fc123499
Modulus=cut
X509v3 Authority Key Identifier:
AA:BB:CC:DD:EE:FF:AA:BB:CC:DD:EE:FF:AA:BB:CC:DD:EE:FF:66:CB
X509v3 Subject Key Identifier:
AA:BB:CC:DD:EE:FF:AA:BB:CC:DD:EE:FF:AA:BB:CC:DD:EE:FF:E7:38
in mgr_ssl_cert_setup.py
certData gets filled in line 152. The way I see it, certData just assigns the certificate's topic and data to a dictionary. So authorityKeyIdentifier might not be set or misspelled?
If you are checking the server certificate, it gets more complicated. Here getCertData from line 221 is run which runs openssl. Can you verify the output of this command line (with certificate as input)?
"openssl "x509 "-noout "-subject "-subject_hash "-startdate "-enddate "-issuer "-issuer_hash "-modulus "-ext", "subjectKeyIdentifier,authorityKeyIdentifier"
Here this logic is applied on the output: If the previous line starts with "X509v3 Authority Key Identifier" and the current line starts with " keyid:" then "authorityKeyIdentifier" = line[10:].strip().upper()
openssl1 by Leap differs in output to openssl3 by EL.
Openssl3: