Simon Josefsson schrieb:
> Thank you, I believe this is a problem with your CA certificate, it
> contains a basic constraint as follows:
>
> Certificate Authority (CA): FALSE
>
> You need to set the CA constraint to TRUE for CA certificates.
>
Oh well, thanks a lot! Creati
Simon Josefsson <[EMAIL PROTECTED]> writes:
> Basic Constraints (not critical):
> Certificate Authority (CA): FALSE
Btw, don't forget to mark the basic constraint as critical as well. See
RFC 5280:
4.2.1.9. Basic Constraints
...
Conforming CAs MUST includ
Stefan Söffing <[EMAIL PROTECTED]> writes:
> Thanks for your help, here is the output:
Thank you, I believe this is a problem with your CA certificate, it
contains a basic constraint as follows:
Certificate Authority (CA): FALSE
You need to set the CA constraint to TRUE
Thanks for your help, here is the output:
teilchen01:~# gnutls-cli -p 636 thea.physik.uni-kl.de -d 1 --print-cert
--x509cafile /etc/ssl/certs/thea_cacert.pem
Processed 1 CA certificate(s).
Resolving 'thea.physik.uni-kl.de'...
Connecting to '131.246.123.113:636'...
- Certificate type: X.509
- Got
Stefan Söffing <[EMAIL PROTECTED]> writes:
> Hi,
>
> thank you for looking into this problem.
>
> I just tried libgnutls26 2.4.2-4, unfortunately it doesn't solve this
> problem for me, I still get
>
> - Peer's certificate is NOT trusted
>
> for the self-signed certificate. LDAP access is still br
Hi,
thank you for looking into this problem.
I just tried libgnutls26 2.4.2-4, unfortunately it doesn't solve this
problem for me, I still get
- Peer's certificate is NOT trusted
for the self-signed certificate. LDAP access is still broken.
- Stefan
--
To UNSUBSCRIBE, email to [EMAIL PROT
Hi,
it says:
Resolving 'thea.physik.uni-kl.de'...
Connecting to '131.246.123.113:636'...
- Certificate type: X.509
- Got a certificate list of 2 certificates.
- Certificate[0] info:
-BEGIN CERTIFICATE-
[...]
-END CERTIFICATE-
# The hostname in the
Stefan Soeffing <[EMAIL PROTECTED]> writes:
> Package: libgnutls26
> Version: 2.4.2-3
> Severity: important
>
> After the upgrade from 2.4.2-1 to 2.4.2-3 access to an OpenLDAP server is
> broken. ldapwhoami says:
> TLS: peer cert untrusted or revoked (0x2)
> ldap_start_tls: Can't contact LDAP ser
Package: libgnutls26
Version: 2.4.2-3
Severity: important
After the upgrade from 2.4.2-1 to 2.4.2-3 access to an OpenLDAP server is
broken. ldapwhoami says:
TLS: peer cert untrusted or revoked (0x2)
ldap_start_tls: Can't contact LDAP server (-1)
The certificate is valid until 2018 and was not re
9 matches
Mail list logo
