Hello! Point is that some applications don't support non-RFC-compliant certificates. My first *guess* is default MySQL SSL implementation - yassl - which is compiled into MySQL binary provided by MySQL, and also debian-like operating systems.
Help me to decide what to do further with this issue, I'm really not sure which door to knock at: - debian/ubuntu ca-certificates maintainers - yassl devs - mozilla devs Btw. What you mean by "so obviously it's not RFC-compliant in there"? Why certs come from Mozilla truststore are considered to be non-RFC-compilant? -- ca-certificates differ from those provided by root CA https://bugs.launchpad.net/bugs/314710 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs