22 Jun 12:52
Re: Re: gnutls_certificate_verify_peers2() / GNUTLS_CERT_INVALID
From: Nikos Mavrogiannopoulos <nmav <at> gnutls.org>
Subject: Re: Re: gnutls_certificate_verify_peers2() / GNUTLS_CERT_INVALID
Newsgroups: gmane.network.gnutls.general
Date: 2008-06-22 10:52:35 GMT
Subject: Re: Re: gnutls_certificate_verify_peers2() / GNUTLS_CERT_INVALID
Newsgroups: gmane.network.gnutls.general
Date: 2008-06-22 10:52:35 GMT
Rainer Gerhards wrote: > Some more info: asn1_read_value returns ASN1_ELEMENT_NOT_FOUND. The > value in question is "pathLenConstraint", node is a non-NULL value (I > put a printf() in _gnutls_x509_read_uint()). >>>> 5292.675380113:main queue:Reg/w0: GnuTLS log msg, level 2: ASSERT: verify.c:301 >>>> >>>> 5292.741284540:main queue:Reg/w0: GnuTLS log msg, level 2: ASSERT: dn.c:1212 >>>> >>>> 5292.744965838:main queue:Reg/w0: GnuTLS log msg, level 2: ASSERT: verify.c:395 >>>> >>>> 5292.751276475:main queue:Reg/w0: GnuTLS returned no specific reason >>>> for GNUTLS_CERT_INVALID, certificate status is 2 As far as I understand here the verification correctly does not succeed because some DN's do not match. If you still think it is a gnutls bug, please send a way for me to reproduce this problem (a chain of certificates that should verify, and the way to produce them). However I'd say to check if the certificate chain is correctly send etc. regards, Nikos
RSS Feed