[gnutls-devel] certificate I can't import
ametzler at bebt.de
Sat Aug 15 14:28:09 CEST 2015
On 2015-08-15 Kurt Roeckx <kurt at roeckx.be> wrote:
> I didn't have time yet to look into this myself, but I have a
> bunch of certificates I can't import it with
> gnutls_x509_crt_import(). I can perfectly read them with openssl
> and can't see anything obvious wrong with them at a first look.
> Can someone look at this? I've attached an example.
ametzler at argenau:/tmp$ certtool --infile=/tmp/fail.pem -i --debug=4711
Setting log level to 4711
|<2>| Unknown SIGN OID: '1.2.840.1135220.127.116.11'
|<2>| signatureAlgorithm.algorithm differs from tbsCertificate.signature.algorithm: RSA-SHA1, (null)
1.2.840.113518.104.22.168 is "rsaEncryption", I *guess* that is not a valid
signature algoritm, it should read somethigng like sha1WithRSAEncryption.
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the Gnutls-devel