Comment 65 for bug 305264
Revision history for this message
| Doug Engert (deengert) wrote Re: [Bug 305264] Re: gnutls regression: failure in certificate chain validation | #65 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
9199653
demo site
(Get the code!)
Mathias Gug wrote:
> @Andy:
>
> Could you describe the X509 certs and CA you're using?
>
We were using ldap and Verisign, and the root CA was a V2 from 1999
which signed an intermediate cert that signed the server certs.
I submitted to gnutls a few changes to allow for stoping at the
intermediate cert which I believe they added.
In the meantime, we turned off cert checking, and have now
replaced LDAP Verisign certs with certs issued localy.
I will send you a copy of the note to gnutls from 1/8/2009
which has the certs.
--
Douglas E. Engert <email address hidden>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444