[Help-gnutls] Problems with Key usage violation

Andreas Thienemann andreas at dicp.ghb.fh-furtwangen.de
Wed Mar 30 23:29:55 CEST 2005

On Wed, 30 Mar 2005, Nikos Mavrogiannopoulos wrote:

> In DHE_RSA the RSA certificate is used to sign a diffie hellman key exchange.
> This offers perfect forward secrecy, which means that if the certificate
> is compromised at a future date, the old session data are still safe. This
> property is not available in the plain RSA ciphersuite.
I see.

Okay, I changed the CA setup so that key usage is now Digital Signature 
and Key Encipherment.

Now connecting with gnutls-cli works.

However, I am still seeing problems with another smtpd which is linked 
against gnutls.

Connecting with gnutls-cli --x509certfile /etc/ssl/certs/ca-certificates.crt --x509keyfile 
/etc/exim4/smtp_client.key -s -p 25 mail2.bawue.de
still gives:

*** Fatal error: Key usage violation in certificate has been detected.
*** Handshake has failed

As this only happens when the x509keyfile is used, I checked the keyfile 
for the allowed usages and is has Digital Signature and Key Encipherment 
as well.
Reading http://www.ietf.org/rfc/rfc2459.txt it is not exactly clear if 
this is correct or not.
keyAgreement and decipherOnly might be okay as well.

Any suggestions?

> Well it would be useless for a certificate to have the key usage bits set when
> nobody actually checks them. If you use them, it's probably because you want
> to limit the key's scope, and gnutls is just enforcing it. If you don't want
> these checks, you shouldn't put such extensions to your certificates.
True. But it might be considered a bad idea for programs which worked 
previously to fail as soon as they are linked against gnutls.


More information about the Gnutls-help mailing list