Mathias Gug wrote: > @Andy: > > Could you describe the X509 certs and CA you're using? >
We were using ldap and Verisign, and the root CA was a V2 from 1999 which signed an intermediate cert that signed the server certs. I submitted to gnutls a few changes to allow for stoping at the intermediate cert which I believe they added. In the meantime, we turned off cert checking, and have now replaced LDAP Verisign certs with certs issued localy. I will send you a copy of the note to gnutls from 1/8/2009 which has the certs. -- Douglas E. Engert <deeng...@anl.gov> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 -- gnutls regression: failure in certificate chain validation https://bugs.launchpad.net/bugs/305264 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs