help-gnutls
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Help-gnutls] Re: gnutls_certificate_verify_peers2() / GNUTLS_CERT_I

From: Nikos Mavrogiannopoulos
Subject: Re: [Help-gnutls] Re: gnutls_certificate_verify_peers2() / GNUTLS_CERT_INVALID
Date: Sun, 22 Jun 2008 13:52:35 +0300
User-agent: Thunderbird 2.0.0.14 (X11/20080505) 
Rainer Gerhards wrote:
> Some more info: asn1_read_value returns ASN1_ELEMENT_NOT_FOUND. The
> value in question is "pathLenConstraint", node is a non-NULL value (I
> put a printf() in _gnutls_x509_read_uint()).

>>>> 5292.675380113:main queue:Reg/w0: GnuTLS log msg, level 2: ASSERT: 
>>>> verify.c:301
>>>>
>>>> 5292.741284540:main queue:Reg/w0: GnuTLS log msg, level 2: ASSERT: 
>>>> dn.c:1212
>>>>
>>>> 5292.744965838:main queue:Reg/w0: GnuTLS log msg, level 2: ASSERT: 
>>>> verify.c:395
>>>>
>>>> 5292.751276475:main queue:Reg/w0: GnuTLS returned no specific reason
>>>> for GNUTLS_CERT_INVALID, certificate status is 2

As far as I understand here the verification correctly does not succeed
because some DN's do not match. If you still think it is a gnutls bug,
please send a way for me to reproduce this problem (a chain of
certificates that should verify, and the way to produce them).

However I'd say to check if the certificate chain is correctly send etc.

regards,
Nikos
reply via email to
[Prev in Thread] Current Thread [Next in Thread]