[gnutls-devel] GnuTLS | Valid cert fails to verify due to different DN encodings (#553)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Tue Sep 11 12:25:08 CEST 2018

> Which implementation created that certificate?

It was created by the Bouncy Castle java library. Specifically the JRuby
OpenSSL library (which in plain Ruby is a pretty thin OpenSSL API layer
but is heavier in JRuby since the Bouncy Castle x509/SSL stuff doesn't
have an OpenSSL compatible API).

> Have you reported that issue to them?
> https://tools.ietf.org/html/rfc5280#section-7.1

No, the cert looked correct to me. Even after reading section 7.1 that
you linked, I don't see how it is incorrect. It specifically says
UTF8String and PrintableString are both required to be supported. Can
you give me more detail about how it violates the comparison rules?

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/553#note_100329927
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20180911/910c6fbc/attachment.html>

More information about the Gnutls-devel mailing list