dirmngr - unknown critical extensions 2.5.29.28

antonio antonio2 at blia.it
Sat Oct 13 20:39:46 CEST 2007


Hi,

I've had problems loading this crl [1]
...
dirmngr[15543]: unknown critical CRL extension 2.5.29.28
dirmngr[15543]: crl_cache_insert via DP failed: Invalid CRL
dirmngr[15543]: command ISVALID failed: Invalid CRL
...

I've modified crlcache.c and it works, but it is only a temporary solution 
because I don't know differences between oid 2.5.29.20   (oidstr_crlNumber in 
crlcache.c)  and 2.5.29.28 [2]

...
 /* Check for unknown critical extensions.  */
  for (idx=0; !(err=ksba_crl_get_extension (crl, idx, &oid, &critical,
                                              NULL, NULL)); idx++)
    {
      if (!critical
          || !strcmp (oid, oidstr_authorityKeyIdentifier)
          || !strcmp (oid, oidstr_crlNumber)
+          || !strcmp (oid, "2.5.29.28") )
...


[1] http://ca.cnipa.gov.it/crl3.crl
[2] 
http://www.redhat.com/docs/manuals/cert-system/admin/7.2/Certificate.Extensions.14986.html


-- 
Antonio
http://www.blia.it



More information about the Gpa-dev mailing list