[gnutls-dev] Certificate with get_issuer_dn and get_dn failing with ASN1 parser: Error in TAG
Nikos Mavrogiannopoulos
nmav at gnutls.org
Mon Oct 8 11:07:35 CEST 2007
On Monday 08 October 2007, Tim Kosse wrote:
> Hi,
> I've encountered a certificate which cannot be parsed correctly with
> GnuTLS 2.0.1
> Using certtool -i on the attached certificate prints the following two
> error messages:
> error: get_issuer_dn: ASN1 parser: Error in TAG
> error: get_dn: ASN1 parser: Error in TAG.
Indeed, there is an error in the TAG of this value (Pkcs9email). Your
certificate contains a Printable string instead of the (correct) IA5String.
openssl seems to ignore this error but we don't :)
Which program did it generate the certificate? (pkcs9email is deprecated
anyway). I will update the parser to display the value in hex if it had
problems to decode it.
regards,
Nikos
More information about the Gnutls-devel
mailing list