x509 v1 certificate
ARIGA Seiji
ariga at os.rim.or.jp
Thu Oct 5 13:38:32 CEST 2006
hi.
On Sat, 30 Sep 2006 11:11:36 +0900 (JST),
ARIGA Seiji <ariga at os.rim.or.jp> wrote,
> > > ----
> > > gpgsm: error getting key usage information: No value
> > > gpgsm: invalid certification chain: No value
> > > ----
> >
> > Sure, that you added the "relax" flag to the appropriate line of the
> > trustlist.txt and also updated the gpg-agent.?
>
> do you mean that is expected ? i thought you've changed gpgsm to allow
> us to use/validate old VeriSign cert (v1 certs).
>
> # but as i showed, "--verify" still failed.
>
> without "relax", i only got this.
>
> ----
> gpgsm: invalid certification chain: No value
> ----
>
> i think certlist.c:cert_usage_p() returns message
> above ("... key usage ...").
>
> # this is called by certchain.c:gpgsm_cert_use_cert_p()
> # (which looks irrelevant to "relax" flag).
did i misunderstand something ? i cannot still verify certs signed
by VeriSign's old cert.
// ARIGA Seiji
More information about the Gnupg-devel
mailing list