From 97508ca21521c261061abaa52bc523a929ada0cf Mon Sep 17 00:00:00 2001
From: Mariano Cano <mariano@smallstep.com>
Date: Tue, 19 May 2020 13:05:55 -0700
Subject: [PATCH] Add AuthorityKeyId to root certificate.

Fix error string.
---
 cmd/step-yubikey-init/main.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/cmd/step-yubikey-init/main.go b/cmd/step-yubikey-init/main.go
index b4c1f97b..dc486f4d 100644
--- a/cmd/step-yubikey-init/main.go
+++ b/cmd/step-yubikey-init/main.go
@@ -187,6 +187,7 @@ func createPKI(k kms.KeyManager, c Config) error {
 			Subject:               pkix.Name{CommonName: "YubiKey Smallstep Root"},
 			SerialNumber:          mustSerialNumber(),
 			SubjectKeyId:          mustSubjectKeyID(resp.PublicKey),
+			AuthorityKeyId:        mustSubjectKeyID(resp.PublicKey),
 		}
 
 		b, err := x509.CreateCertificate(rand.Reader, template, template, resp.PublicKey, signer)
@@ -225,7 +226,7 @@ func createPKI(k kms.KeyManager, c Config) error {
 	if c.RootOnly {
 		priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
 		if err != nil {
-			return errors.Wrap(err, "error creating intermediate public key")
+			return errors.Wrap(err, "error creating intermediate key")
 		}
 
 		pass, err := ui.PromptPasswordGenerate("What do you want your password to be? [leave empty and we'll generate one]",