Verify MD2 algorithm signed certificates

liuxiaoyu wkfta at
Wed Aug 25 09:02:20 CEST 2010



I am attemping to verify some MD2 algorithm signed certificates using GnuTLS 2.6.3. 


I notice it says in the GnuTLS manual that MD2 algorithms have been broken and should not be trusted, but flag "GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2" can be used with verification functions "guntls_x509_crt_verify()" to allow certificates to be signed using the old MD2 algorithm.


However, when I used the following function call it still return "GNUTLS_CERT_INVALID".


 gnutls_x509_crt_verify (crt, ca_list, ca_list_size,


I have attached the certificates I used. Zip password: guntls


Is there any problem in the certificates? Any advise on what I should do to make it work?

Thanks and Regards,

-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20100825/0dd67987/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Type: application/x-zip-compressed
Size: 2307 bytes
Desc: not available
URL: </pipermail/attachments/20100825/0dd67987/attachment.bin>

More information about the Gnutls-help mailing list