
I'm trying to add DirName and serial number to the X509 Authority Key Identifier extension using the FreeIPA/IDM server (not openssl) so it will look like:

X509v3 Authority Key Identifier
keyid:11:1B:30:08:A2:F0:F9:6C:D5:8D:24:E3:31:EA:D3:A8:FC:BC:13:FD
DirName:/CN=.
serial:D4.....

I tried to add parameters to a certificate profile and then requested an SSL certificate using this profile. I tried adding only the serial number first:

policyset.serverCertSet.9.constraint.class_id=noConstraintImpl
policyset.serverCertSet.9.constraint.name=No Constraint
policyset.serverCertSet.9.default.class_id=authorityKeyIdentifierExtDefaultImpl
policyset.serverCertSet.9.default.name=Authority Key Identifier Extension Default
policyset.serverCertSet.9.default.params.authorityKeyIdentifierCertificateSerialNumber=1000

and I replaced the bottom line with:

policyset.serverCertSet.9.default.params.authorityKeyIdentifierCertSerialNumber=1000 
policyset.serverCertSet.9.default.params.authorityCertSerialNumber=1000

However, the serial number doesn't show in the Authority Key Identifier extension.

Ahmed Sbai
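
To check what an issued certificate actually carries, the extension value can be decoded directly. The following is an added example, not part of the original question and not FreeIPA or Dogtag code: a standard-library Python decoder for the DER AuthorityKeyIdentifier value (RFC 5280, section 4.2.1.1) that reports which of keyid, DirName and serial are present. The sample values are constructed from the keyid and the serial 1000 shown in the question; the issuer name "Constructed CA" and all function names are assumptions.

```python
def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long form: low 7 bits = count of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:end], end

def parse_aki(der):
    """Decode AuthorityKeyIdentifier; a field that is absent stays None."""
    tag, body, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected exactly one DER SEQUENCE")
    out = {"keyid": None, "dirname": None, "serial": None}
    pos = 0
    while pos < len(body):
        tag, val, pos = read_tlv(body, pos)
        if tag == 0x80:                     # [0] keyIdentifier (OCTET STRING)
            out["keyid"] = ":".join(f"{b:02X}" for b in val)
        elif tag == 0xA1:                   # [1] authorityCertIssuer (GeneralNames, raw DER)
            out["dirname"] = val
        elif tag == 0x82:                   # [2] authorityCertSerialNumber (INTEGER)
            out["serial"] = int.from_bytes(val, "big", signed=True)
    return out

def missing_fields(der):
    """List the AKI fields that the extension value does not contain."""
    return [name for name, value in parse_aki(der).items() if value is None]

def tlv(tag, value):
    """Encode one short-form DER element (used only to build the samples)."""
    assert len(value) < 128
    return bytes([tag, len(value)]) + value

# Constructed samples: keyid and serial 1000 from the question, issuer CN invented.
KEYID = bytes.fromhex("111B3008A2F0F96CD58D24E331EAD3A8FCBC13FD")
CN = tlv(0x30, tlv(0x06, bytes.fromhex("550403")) + tlv(0x0C, b"Constructed CA"))
ISSUER = tlv(0xA1, tlv(0xA4, tlv(0x30, tlv(0x31, CN))))   # directoryName [4]
KEYID_ONLY = tlv(0x30, tlv(0x80, KEYID))
FULL = tlv(0x30, tlv(0x80, KEYID) + ISSUER + tlv(0x82, (1000).to_bytes(2, "big")))

if __name__ == "__main__":
    print("keyid-only AKI is missing:", missing_fields(KEYID_ONLY))
    print("full AKI:", parse_aki(FULL))
```

The extension value to feed in is the content of the extnValue OCTET STRING for OID 2.5.29.35 in the issued certificate.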

0 Answers