Fatal error: Key usage violation in certificate has been detected
n.mavrogiannopoulos at gmail.com
Sat Oct 24 03:11:42 CEST 2009
Daniel Kahn Gillmor wrote:
>> And if it is the case (and I think that it IS the case), which possibles
>> workarounds exist ?
> Maybe there's a GnuTLS priority string you can set to disable usage flag
> checking as a workaround? if there is, i couldn't find it here:
> seems like they should reall use a certificate with the right usage
> flags set, though.
I can see that the certificate allow:
X509v3 Key Usage:
and that means it will issue key usage violation for all ciphersuites
except for RSA (not even DHE-RSA, just RSA). Thus the server sending
this certificate must be configured to disable all other ciphersuites.
More information about the Gnutls-devel