Fatal error: Key usage violation in certificate has been detected

Goffredo Baroncelli kreijack at gmail.com
Fri Oct 23 19:46:12 CEST 2009


Hi all,

I used freepops [*] to download my email from my provider (www.alice.it). If 
freepops uses the https protocol I get the following error

   *** Fatal error: Key usage violation in certificate has been detected.
   *** Handshake has failed

After googling, I discovered that:
- freepops uses the GNU tls library
- the error message seems to be an GNU tls library error
- the problem is also reproducible with the following command 

   ghigo at venice:~$ gnutls-cli -p 443 authsrs.alice.it
   Resolving 'authsrs.alice.it'...
   Connecting to '81.74.238.31:443'...
   *** Fatal error: Key usage violation in certificate has been detected.
   *** Handshake has failed
   GNUTLS ERROR: Key usage violation in certificate has been detected.

Note: "authsrs.alice.it" is the server resposible for the user authentication 
of the webmail interface. My idea is that there is a problem between the 
authsrs.alice.it https certificate and gnutls, that causes the freepops 
failure.

I am not an expert about the certificates. Looking in the gnutls mailing list, 
I found some similar bugs report, and in these cases the conclusions were an 
incorrect certificate.  Could someone help me to confirm that the problem is 
the certificate even in this case?
And if it is the case (and I think that it IS the case), which possibles 
workarounds exist ?

TIA & BR
G.Baroncelli.

NB: please cc'me in the reply, because I am not subscribed to the mailing 
list.

[*] FreePOPs allows access to the most varied resources through the POP3 
protocol. Mainly, it can be used to download mail from a webmail interface, 
when it is not available a pop3 protocol.

-- 
gpg key@ keyserver.linux.it: Goffredo Baroncelli (ghigo) <kreijackATinwind.it>
Key fingerprint = 4769 7E51 5293 D36C 814E  C054 BF04 F161 3DC5 0512





More information about the Gnutls-devel mailing list