[Help-gnutls] Re: 1.2.9 release candidate
Simon Josefsson
jas at extundo.com
Tue Nov 1 14:39:18 CET 2005
Daniel Stenberg <daniel at haxx.se> writes:
> On Tue, 1 Nov 2005, Nikos Mavrogiannopoulos wrote:
>
>>> #ifdef GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2
>>> flags | = GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2;
>>> #endif
>>
>> No you don't want to add this line. It is not needed to verify the
>> certificate in question (the one sent some days ago) since it was
>> self signed with MD2
>
> Sorry, but then I'm lost. Can you then please enlighten me what I
> would need to do to verify that certificate with GnuTLS 1.2.9?
Nothing. It work by default. See an earlier reply from me, which
included output from gnutls-cli with successful verification.
You may want to use the MD5 flag, but I really recommend against it.
Trusted MD5 roots will work anyway, since they are trusted directly.
/Simon
More information about the Gnutls-help
mailing list