gnutls fails to use Verisign CA cert without a Basic Constraint
Simon Josefsson
simon at josefsson.org
Fri Jan 9 11:16:43 CET 2009
Simon Josefsson <simon at josefsson.org> writes:
> "Douglas E. Engert" <deengert at anl.gov> writes:
>
>> Attached are the server cert (auth2.it.anl.gov), the intermediate cert (f0a38a80.0)
>> and the CA self signed cert (7651b327.0)
>
> Thanks, I can reproduce the problem. Should be fixed with this patch:
>
> http://git.savannah.gnu.org/cgit/gnutls.git/commit/
Sorry, that link was wrong. For the 2.6.x branch the proper link is:
http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=423fc8b82f2b9aa3ea820cd5cf75d5813dffbbf0
Please test the patch and confirm whether or not it works for you. I
think we should do a new 2.6.x release to deal with this.
The latest daily build contains all fixes, so everyone, please test this
as if it were a new 2.6.x release:
http://daily.josefsson.org/gnutls-2.6/gnutls-2.6-20090109.tar.gz
It is a good time to raise other problems with 2.6.x now.
Thanks,
/Simon
More information about the Gnutls-devel
mailing list