Problems with specific certificate/key (Debian Bug #426013)

Marc Haber mh+gnutls-devel at
Thu Jan 3 01:36:06 CET 2008


Simon Josefsson has suggested to me (a member of the maintainer team
for Exim's packages for the Debian Operating System) that it might be
a good idea to move a technical debate from our blogs
to gnutls-devel as this list is a better medium for archived discussion.

I'll send a dedicated mail for each of Debian's bug reports, so that
the threads are not going to intermix.

Debian Bug #426013,
Simon writes:
> Appears to be an unreprodicible problem with a specific
> certificate/key which the user cannot reveal. Another certificate/key
> from the same CA works fine. Theory: could it be CRLF problems? Other
> non-ASCII characters in the file? Nothing indicates a real GnuTLS
> problem here.
> Conclusion: Likely not a GnuTLS problem.

I think that this conclusion was built too fast, but we do not have
sufficient information to know this.

The original reporter has said in the mean time that there are no
non-ascii chars in the file and that there are no CRLF issues here.
Currently, it is suspected that GnuTLS has issues with the fact that
the certificate is a wildcard certificate.


Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 3221 2323190

More information about the Gnutls-devel mailing list