[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Intermediate Certificate problem
From: |
Simon Brown |
Subject: |
Re: Intermediate Certificate problem |
Date: |
Thu, 08 Jul 2010 17:37:21 +0100 |
User-agent: |
Wanderlust/2.15.9 (Almost Unreal) SEMI/1.14.6 (Maruoka) FLIM/1.14.9 (Gojō) APEL/10.8 Emacs/23.1 (x86_64-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO) |
At Thu, 08 Jul 2010 17:59:28 +0200,
Nikos Mavrogiannopoulos <address@hidden> wrote:
> It seems that the program you are using should set the verification flag
> to allow X.509 V.1 certificates. This is done with the
> gnutls_certificate_set_verify_flags(xcred,
> GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
>
> call. For some reason it wasn't default in gnutls-cli as well. I've set
> it now.
Wanderlust is an emacs application, I believe it was using gnutls-cli
directly rather than calling library code.
I shall pass this onto the Wanderlust packager and perhaps the gnutls-cli
packager as a patch is needed.
> By default we disable version 1 certificates since it is not possible to
> distinguish CA certificates from end-user (server) certificates. If one
> is sure that his trusted certificate storage only contains CA
> certificates, then this flag should be specified.
Thanks,
Simon