Fresh certificate marked as expired / messed-up certificate chain pulling expired root cert in gpgsm
Dirk Gottschalk
dirk.gottschalk1980 at googlemail.com
Sat Jul 20 11:01:49 CEST 2019
Hello.
Am Donnerstag, den 18.07.2019, 18:33 +0200 schrieb Dr. Thomas Orgis:
> Certified by
> ID: 0x61A8CF44
> Issuer: /CN=Deutsche Telekom Root CA 2/OU=T-TeleSec Trust
> Center/O=Deutsche Telekom AG/C=DE
> Subject: /CN=T-TeleSec GlobalRoot Class 2/OU=T-Systems Trust
> Center/O=T-Systems Enterprise Services GmbH/C=DE
> validity: 2016-04-25 09:01:39 through 2019-07-09 23:59:59
> chain length: unlimited
> Certified by
> ID: 0x8CDE37BF
> Issuer: /CN=Deutsche Telekom Root CA 2/OU=T-TeleSec Trust
> Center/O=Deutsche Telekom AG/C=DE
> Subject: /CN=Deutsche Telekom Root CA 2/OU=T-TeleSec Trust
> Center/O=Deutsche Telekom AG/C=DE
> validity: 1999-07-09 12:11:00 through 2019-07-09 23:59:00
> chain length: 5
This is the issue here. These two certs of DTAG (Telekom) are exired
and that's the reason why gpgsm is complaining correctly.
Regards,
Dirk
--
Dirk Gottschalk
GPG: 4278 1FCA 035A 9A63 4166 CE11 7544 0AD9 4996 F380
Keybase: https://keybase.io/dgottschalk
GitHub: https://github.com/Dirk1980ac
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190720/c7e505d6/attachment.sig>
More information about the Gnupg-users
mailing list