[gnutls-devel] Certificate generation with certtool 3.4.8: Missing Key Usage flags

Nikos Mavrogiannopoulos nmav at gnutls.org
Sat Jan 30 16:03:56 CET 2016

On Sat, Jan 30, 2016 at 1:57 AM, Thomas Klute
<thomas2.klute at uni-dortmund.de> wrote:
> Hi everyone,
> my attempt to build mod_gnutls with GnuTLS 3.4.8 (Debian unstable)
> failed at the testing stage due to certificate validation errors.
> Looking at the certificates, I found that certtool didn't set Key Usage
> extensions correctly. Details below, and you're welcome to ask if you
> need additional information. You can find my development version of the
> mod_gnutls test suite code at [1].

Thank you Thomas. It seems I was confused as well by a fix on a call
to asn1_write_value(). The calling conventions of asn1_write_value()
seemed tricky. I've reverted the change and added some documentation
to avoid a similar issue in the future.



More information about the Gnutls-devel mailing list