Skip to content

Question about wc_SignCert API: failure code -226 when using a CA:FALSE certificate #10799

Description

@wuhuyibeijiu

Version

5.7.2

Description

Hi,

I'm testing wolfSSL's certificate signing behavior. I have a certificate with basicConstraints=CA:FALSE but keyUsage=keyCertSign. I tried to use it as the issuer to sign a child certificate with wc_SignCert.The signing fails and returns "Failure code was -226". I'm not sure what this error means.

My questions are:

  1. Is wc_SignCert the correct API for this use case? If not, what should I use instead?
  2. If I'm using the correct API, what does error code -226 mean specifically?

I've attached my test code (certgen_test_ca_false.c).
Thanks!

Metadata

Metadata

Assignees

Labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions