[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#19098: 24.4.51; gnutls.c doesn't handle wildcard certificates
|
From: |
Lars Magne Ingebrigtsen |
|
Subject: |
bug#19098: 24.4.51; gnutls.c doesn't handle wildcard certificates |
|
Date: |
Mon, 08 Dec 2014 21:11:49 +0100 |
|
User-agent: |
Gnus/5.130012 (Ma Gnus v0.12) Emacs/25.0.50 (gnu/linux) |
Ted Zlatanov <tzz@lifelogs.com> writes:
> and is caused by the GNUTLS_CERT_INVALID flag. But I don't see a hint
> anywhere that it does not work with wildcard certs (you have to
> explicitly disable them, so the assumption is that they work by
> default). Also, if you set `gnutls-verify-error' to t, do you get the
> corresponding error in the non-NSM flow? "$HOSTNAME certificate could
> not be verified."
Yes:
Debugger entered--Lisp error: (error "Certificate validation failed
33.media.tumblr.com, verification code 2")
gnutls-boot(#<process nntpd<4>> gnutls-x509pki (:priority "NORMAL" :hostname
"33.media.tumblr.com" :loglevel 0 :min-prime-bits 256 :trustfiles
("/etc/ssl/certs/ca-certificates.crt") :crlfiles nil :keylist nil :verify-flags
nil :verify-error t :callbacks nil))
So I think the certificate just couldn't be verified, so this bug report
is, like, totally bogus, man.
Closing.
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
- bug#19098: 24.4.51; gnutls.c doesn't handle wildcard certificates,
Lars Magne Ingebrigtsen <=