Bug#752272: Last certificate not self-signed
Jo Drexl
jo.drexl at poly-tick.de
Sun Jun 22 00:26:14 UTC 2014
After installing the stable package and rerunning 'certtool -e
--load-ca-certificate cacert.pem --infile servercert.pem', the outcome
was:
Certificate[0]: CN=testserver,O=Server.inc
Issued by: CN=testserver,O=Server.inc
certtool: the last certificate is not self signed
With the backports package the same command issued:
Loaded 1 certificates, 1 CAs and 0 CRLs
Subject: CN=testserver,O=Server.inc
Issuer: CN=TestCA
Output: Not verified. The certificate is NOT trusted. The certificate
issuer is unknown.
Subject: CN=testserver,O=Server.inc
Issuer: CN=TestCA
Output: Not verified. The certificate is NOT trusted. The certificate
issuer is unknown.
Chain verification output: Not verified. The certificate is NOT trusted.
The certificate issuer is unknown.
It seems the self-sign for snakeoil CAs is broken.
Good luck, I don't think I'm of much use here, still playing around and
trying to find out what I'm doing here ;)
Jo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnutls-maint/attachments/20140622/9451023c/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: face-wink.png
Type: image/png
Size: 1052 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnutls-maint/attachments/20140622/9451023c/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnutls-maint/attachments/20140622/9451023c/attachment.sig>
More information about the Pkg-gnutls-maint
mailing list