Simon Josefsson dixit:
>Being liberal in what you accept for security protocol implementations
This does not (to me) seem to be one of these “almost always” cases…
>doesn't help: the server remains broken for any other implementations.
“any other” except OpenSSL, which continues to be the most
tags 573736 wontfix
retitle 573736 permit incorrectly sorted server certificate chains
thanks
Thorsten Glaser writes:
> Simon Josefsson dixit:
>
>>It seems alioth.debian.org is configured incorrectly, the chain it is
>>sending isn't sorted in the right order:
> […]
>>So I don't see any GnuTLS bu
# take two
reopen 573736
retitle 573736 gnutls: sort certificate chain to work around misconfigured
servers
severity 573736 wishlist
reassign 573736 libgnutls26 2.8.6-1
thanks
Thorsten Glaser wrote:
> Simon Josefsson dixit:
>> It seems alioth.debian.org is configured incorrectly, the chain it is
On 2010-03-26 Jonathan Nieder wrote:
[..]
> As mirabilos reports, verification of the alioth.debian.org
> certificates is failing, which means that commands such as
> git clone https://alioth.debian.org/anonscm/git/pkg-wml/pkg-wml.git
> fail. The problem is reproducible using gnutls-cli. Ide
Simon Josefsson dixit:
>It seems alioth.debian.org is configured incorrectly, the chain it is
>sending isn't sorted in the right order:
[…]
>So I don't see any GnuTLS bug here.
Most people configuring servers are clueless. Why can’t GnuTLS sort
the chain (and drop the Root CA Cert) itself, as Ope
Jonathan Nieder writes:
> Hi GnuTLS maintainers,
>
> As mirabilos reports, verification of the alioth.debian.org
> certificates is failing, which means that commands such as
>
> git clone https://alioth.debian.org/anonscm/git/pkg-wml/pkg-wml.git
>
> fail. The problem is reproducible using gnut
reassign 573736 libgnutls26 2.8.6-1
thanks
Hi GnuTLS maintainers,
As mirabilos reports, verification of the alioth.debian.org
certificates is failing, which means that commands such as
git clone https://alioth.debian.org/anonscm/git/pkg-wml/pkg-wml.git
fail. The problem is reproducible using
Jonathan Nieder dixit:
>> On the same system:
>>
>> $ openssl s_client -CAfile /etc/ssl/certs/ca-certificates.crt -connect
>> alioth.debian.org:443
>[...]
>> subject=/O=Debian/CN=alioth.debian.org/emailaddress=ad...@alioth.debian.org
>> issuer=/O=Debian/CN=ca.debian.org/emailaddress=debian-ad...
found 573736 git-core/1:1.7.0.3-1
severity 573736 important
thanks
Thorsten Glaser wrote:
> On a sid system:
>
>git clone https://alioth.debian.org/anonscm/git/pkg-wml/pkg-wml.git
> Initialized empty Git repository in /home/tg/shared/pkg-wml/.git/
> error: server certificate verification fai
Package: git-core
Version: 1:1.7.0-1
Severity: normal
On a sid system:
git clone https://alioth.debian.org/anonscm/git/pkg-wml/pkg-wml.git
Initialized empty Git repository in /home/tg/shared/pkg-wml/.git/
error: server certificate verification failed. CAfile:
/etc/ssl/certs/ca-certificates.cr
10 matches
Mail list logo
