[gnutls-help] How to deal with multiple certificate chains?

Nikos Mavrogiannopoulos nmav at gnutls.org
Tue Jul 11 10:39:08 CEST 2017


On Mon, Jul 10, 2017 at 8:44 PM, Paul Menzel
<paulepanter at users.sourceforge.net> wrote:
> Dear GnuTLS folks,
>
>
> There is a regression in the banking software AqBanking [1] after the
> removal of a certificate with a short hash. AqBanking uses Gwenhywfar,
> which uses GnuTLS.
>
> The good thing is, that the GnuTLS tools work.
>
>> Status: The certificate is trusted.
[...]
> Now, if Gwenhywfar is used, a different certificate chain is used.

How did you verify that a different chain is used? Have you checked
the differences in the wireshark traces between gnutls-cli and the
application you use?

regards,
Nikos



More information about the Gnutls-help mailing list