[gnutls-devel] error: certificate policies import: ASN1 parser: Error in DER parsing
Tim Ruehsen
tim.ruehsen at gmx.de
Thu Feb 11 15:25:18 CET 2016
On Debian SID (amd64), I recognize a ASN1 error with
$ gnutls-cli -V outlook.office365.com
...
error: certificate policies import: ASN1 parser: Error in DER parsing.
...
$ gnutls-cli --version
gnutls-cli 3.4.9
I am not sure if it is a GnuTLS issue or if it is an underlying library
(libtasn ?) or whatever.
Any idea ?
Regards, Tim
Processed 172 CA certificate(s).
Resolving 'outlook.office365.com'...
Connecting to '132.245.61.226:443'...
- Certificate type: X.509
- Got a certificate list of 2 certificates.
- Certificate[0] info:
- X.509 Certificate Information:
Version: 3
Serial Number (hex): 5a00020e4289e78c6958489ec1000100020e42
Issuer: C=US,ST=Washington,L=Redmond,O=Microsoft
Corporation,OU=Microsoft IT,CN=Microsoft IT SSL SHA2
Validity:
Not Before: Tue Oct 13 22:20:04 UTC 2015
Not After: Thu Oct 12 22:20:04 UTC 2017
Subject: C=US,ST=WA,L=Redmond,O=Microsoft Corporation,OU=Microsoft
Corporation,CN=outlook.com
Subject Public Key Algorithm: RSA
Algorithm Security Level: Medium (2048 bits)
Modulus (bits 2048):
00:e4:ff:c7:ed:b8:dd:9c:1f:a8:b9:17:12:3f:0a:cb
ee:20:b4:b2:f0:6d:9e:3a:49:db:41:2d:f6:16:6e:79
ba:8b:32:76:4e:e8:02:58:a4:bf:88:3c:07:da:e8:1e
46:b9:4a:fe:ea:06:d6:9f:f6:90:c5:75:1e:18:c7:72
e0:a9:26:65:fe:e9:58:76:94:e5:54:54:9b:69:87:a1
43:1c:7a:09:9c:d7:9a:14:b0:93:d7:1e:07:a4:b1:9a
a1:cf:e9:77:93:8f:f2:7f:ad:b0:04:bc:4a:10:37:ad
a8:fe:42:14:f6:1b:97:d1:a3:f1:ef:83:6d:85:4d:87
57:cf:58:b4:7b:93:27:57:39:b8:f7:fd:be:c3:7b:b4
04:d1:72:02:98:80:f4:16:f4:4b:ca:db:d6:23:f5:9f
1b:a0:42:9a:9b:48:26:9b:55:a2:f1:11:91:7c:a7:6d
62:35:7d:bc:a4:c1:68:d2:f1:bf:85:b5:be:45:7c:78
6e:25:86:ab:29:6b:d1:1e:8d:4c:2e:f9:3b:0f:6f:59
3e:5b:c7:47:03:2d:d2:ab:fc:9f:25:59:88:18:0b:fb
86:bf:75:85:67:50:02:aa:45:a0:44:77:78:d9:99:fe
1d:9f:51:c5:e6:41:77:b2:c6:bc:8d:b0:1f:8b:9b:78
e7
Exponent (bits 24):
01:00:01
Extensions:
Key Usage (not critical):
Digital signature.
Key encipherment.
Data encipherment.
Key Purpose (not critical):
TLS WWW Server.
TLS WWW Client.
Unknown extension 1.2.840.113549.1.9.15 (not critical):
ASCII:
0i0...*.H.........0...*.H.........0...`.H.e...*0...`.H.e...-0...`.H.e....0...`.H.e....0...
+....0...*.H.....
Hexdump:
3069300e06082a864886f70d030202020080300e06082a864886f70d030402020080300b060960864801650304012a300b060960864801650304012d300b0609608648016503040102300b0609608648016503040105300706052b0e030207300a06082a864886f70d0307
Subject Key Identifier (not critical):
9db0981c245ad49ded5153c4d7f6bab18d7b900f
Authority Key Identifier (not critical):
51af24269cf468225780262b3b4662157b1ecca5
CRL Distribution points (not critical):
URI:
http://mscrl.microsoft.com/pki/mscorp/crl/msitwww2.crl
URI:
http://crl.microsoft.com/pki/mscorp/crl/msitwww2.crl
Authority Information Access (not critical):
Access Method: 1.3.6.1.5.5.7.48.2 (id-ad-caIssuers)
Access Location URI:
http://www.microsoft.com/pki/mscorp/msitwww2.crt
Access Method: 1.3.6.1.5.5.7.48.1 (id-ad-ocsp)
Access Location URI: http://ocsp.msocsp.com
error: certificate policies import: ASN1 parser: Error in DER parsing.
Unknown extension 1.3.6.1.4.1.311.21.10 (not critical):
ASCII: 0.0...+.......0...+.......
Hexdump:
3018300a06082b06010505070301300a06082b06010505070302
Subject Alternative Name (not critical):
DNSname: outlook.com
DNSname: *.outlook.com
DNSname: office365.com
DNSname: *.office365.com
DNSname: *.live.com
DNSname: *.internal.outlook.com
DNSname: *.outlook.office365.com
DNSname: outlook.office.com
DNSname: attachment.outlook.office.net
DNSname: attachment.outlook.officeppe.net
DNSname: *.office.com
Signature Algorithm: RSA-SHA256
Signature:
0d:4c:9c:84:be:af:71:b2:88:98:e0:db:e6:6c:c7:ba
bd:e3:3e:3c:a2:f4:50:26:a2:06:eb:f7:3b:51:4c:ca
ea:d1:05:90:87:a9:00:37:cb:b3:32:3e:cb:87:58:1b
b1:8f:d6:3f:5e:e8:ad:9a:d5:2b:45:db:fb:44:8c:5d
b5:20:0e:8d:4b:f2:13:88:e1:57:a1:2b:4b:41:9e:13
23:54:9b:dc:82:10:a0:e7:96:72:1b:58:7f:62:88:41
76:2f:40:9b:ad:5a:ec:e9:d6:07:11:50:7d:f1:b8:7c
4a:af:e4:c5:94:88:9c:5a:a4:1c:72:70:58:cd:4a:95
76:6f:76:22:19:47:a9:d8:d3:e2:42:88:62:33:c3:5c
4c:be:18:c7:a1:f7:e8:76:09:50:20:8a:db:2e:64:77
d5:2f:d5:7c:8a:4d:ed:ae:48:7a:a6:b1:a8:b5:c6:bf
25:9d:3a:70:aa:fb:09:62:ff:63:3d:33:34:a9:23:be
f4:c5:fe:92:7a:9b:85:2f:92:e8:52:26:86:99:61:4e
11:8f:78:e3:5a:a8:f5:22:b3:fa:a4:3b:1c:f7:d6:1d
e4:79:14:4a:45:2a:e3:13:7c:ca:10:ee:30:31:0a:51
0f:c8:8d:14:f1:d7:39:d6:2f:34:c4:2f:06:5e:46:f0
e4:da:de:31:5c:52:48:b0:6c:66:f2:3d:5a:2f:bf:8e
c5:7c:6b:a4:ce:e1:0f:bd:68:99:06:b1:35:af:b8:9d
85:2e:04:37:8f:a7:fd:40:73:fc:fb:4b:61:0f:81:10
bf:18:c2:7f:50:d7:0a:7c:3f:c7:6a:df:28:d4:03:fb
61:3e:d1:60:5e:c6:4a:a4:b1:70:41:8a:56:17:24:e5
80:1a:42:c6:e3:8c:d7:6b:c7:c3:77:5a:8d:2a:be:ef
c1:bc:94:46:53:bf:52:bd:68:09:00:47:e9:6d:01:63
a8:5d:f1:d4:d4:7e:9a:51:2b:89:3b:ae:8e:a0:1e:85
7f:10:61:d4:f0:28:d2:cc:25:21:79:66:27:24:18:d0
a2:fa:49:41:01:dd:64:9a:f4:dd:63:7c:1f:dc:a6:0b
05:07:d4:56:48:1a:d5:e2:e8:aa:65:ab:3c:b1:58:87
3f:10:14:b1:7f:18:d8:8b:90:04:48:82:e0:0c:65:5e
fb:bd:cd:07:97:d5:21:37:6c:32:12:70:6b:7e:39:8e
75:92:83:ff:76:c8:32:15:b5:97:8f:68:0a:4c:61:16
48:b7:10:3f:71:34:f0:f4:c4:40:4f:5b:bd:9b:c7:41
f2:62:9e:c2:87:fd:6c:dd:76:51:fc:87:c5:68:a0:c1
Other Information:
SHA1 fingerprint:
a0476c0c30347a7a159a9ff50bcdbc84bdd3d166
SHA256 fingerprint:
a1c0266559141b2e70d6c65e1554b216ac7bd3b49f5fb06fc84a2c4cb964ef7a
Public Key ID:
8d168ddb5c566672875f2829029291c58867fbb4
Public key's random art:
+--[ RSA 2048]----+
| .oBo. ..=o.|
| . *.. .o. o*o..|
| o . o...o. ..|
| . . B o .|
| o .S + |
| E. |
| |
| |
| |
+-----------------+
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20160211/a3473a7c/attachment-0001.sig>
More information about the Gnutls-devel
mailing list