[gnutls-devel] GnuTLS | GnuTLS rejects a certificate since it parsed the critical extension policyConstraints to unknown ext (#1161)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Tue Jan 26 02:35:58 CET 2021
GOODPWDCETCSZ created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1161
## Description of problem:
GnuTLS rejects a certificate since it parsed the critical extension policyConstraints to unknown ext.
## Version of gnutls used:
3.5.5, 3.6.13
## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
Ubuntu x64
## How reproducible:
Steps to Reproduce:
* `certtool --verify --load-ca-certificate ca.pem --infile seed-16s31-255s21-363s29.pem`
## Actual results:
```
Chain verification output: Not verified. The certificate is NOT trusted. The certificate contains an unknown critical extension.
```
## Expected results:
The cert is accepted.[ca.zip](/uploads/23d12386efd880eb0b97305c33132885/ca.zip)
[seed-16s31-255s21-363s29.zip](/uploads/a531d43366524deae328531f4fc077ec/seed-16s31-255s21-363s29.zip)
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1161
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20210126/3f8f45a5/attachment.html>
More information about the Gnutls-devel
mailing list