gnutls fails to use Verisign CA cert without a Basic Constraint

Simon Josefsson simon at
Fri Jan 9 11:16:43 CET 2009

Simon Josefsson <simon at> writes:

> "Douglas E. Engert" <deengert at> writes:
>> Attached are the server cert (, the intermediate cert (f0a38a80.0)
>> and the CA self signed cert (7651b327.0)
> Thanks, I can reproduce the problem.  Should be fixed with this patch:

Sorry, that link was wrong.  For the 2.6.x branch the proper link is:;a=commitdiff;h=423fc8b82f2b9aa3ea820cd5cf75d5813dffbbf0

Please test the patch and confirm whether or not it works for you.  I
think we should do a new 2.6.x release to deal with this.

The latest daily build contains all fixes, so everyone, please test this
as if it were a new 2.6.x release:

It is a good time to raise other problems with 2.6.x now.


More information about the Gnutls-devel mailing list