Use incremented serial of base CRL when signing delta CRL

diff --git a/src/pki/commands/signcrl.c b/src/pki/commands/signcrl.c
index 07f4a13..4b1c12e 100644 (file)
--- a/src/pki/commands/signcrl.c
+++ b/src/pki/commands/signcrl.c
@@ -332,6 +332,8 @@ static int sign_crl()
                        error = "loading base CRL failed";
                        goto error;
                }
+               memcpy(crl_serial, lastcrl->get_serial(lastcrl).ptr,
+                          min(lastcrl->get_serial(lastcrl).len, sizeof(crl_serial)));
                baseCrlNumber = chunk_clone(lastcrl->get_serial(lastcrl));
                DESTROY_IF((certificate_t*)lastcrl);
                lastcrl = NULL;