[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Help-gnutls] Key usage violation in certificate
|
From: |
Kevin P. Fleming |
|
Subject: |
Re: [Help-gnutls] Key usage violation in certificate |
|
Date: |
Tue, 04 Nov 2008 11:26:13 -0600 |
|
User-agent: |
Thunderbird 2.0.0.17 (X11/20080925) |
Joe Orton wrote:
>> Could it be then that libneon selected a wrong certificate from the
>> pkcs12 file?
>
> I'm missing some context here, but current neon releases can indeed do
> that, this is a known neon bug, see:
>
> http://lists.manyfish.co.uk/pipermail/neon/2008-October/000086.html
>
>> Does it use gnutls_certificate_set_x509_simple_pkcs12_file()?
>
> Just for the record - neon doesn't use that function, no.
OK, on the basis of this note (and yes, our client cert pkcs12 files
usually contain the CA cert as well), I regenerated the pkcs12 file for
my cert without the CA cert in it, and the problem has been worked
around. We don't really need the CA cert to be in the pkcs12 files, so
this will work for us. Thanks to everyone who helped solve this problem :-)
--
Kevin P. Fleming
Director of Software Technologies
Digium, Inc. - "The Genuine Asterisk Experience" (TM)