rsyslog-gnutls can't validate V1 CA certificates
Bug #514079 reported by
H.-Dirk Schmitt
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Rsyslog |
Won't Fix
|
Medium
|
|||
| rsyslog (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
Bug Description
Binary package hint: rsyslog
In my organisation the CA is based on a V1 CA certificate.
This triggers the following error:
pluto rsyslogd: not permitted to talk to peer, certificate invalid: signer is
not a CA
I can reproduce the problem with gnutls-cli:
gnutls-cli -V --x509cafile /etc/ssl/
pluto.computer4
--> - Peer's certificate issuer is not a CA
If I add '--priority NORMAL:
the certificate validation is successful.
See also http://
https:/
problems with gnutls.
Revision history for this message
|
|
#2 |
Revision history for this message
|
|
#3 |
Revision history for this message
| H.-Dirk Schmitt (dirk-computer42) wrote | #1 |
| Changed in rsyslog: | |
| status: | Unknown → Confirmed |
| Changed in rsyslog: | |
| status: | Confirmed → In Progress |
| Changed in rsyslog: | |
| importance: | Unknown → Medium |
| Changed in rsyslog: | |
| status: | In Progress → Confirmed |
| Changed in rsyslog: | |
| status: | Confirmed → Won't Fix |
To post a comment you must log in.
In my organisation the CA is based on a V1 CA certificate.
This triggers the following error:
pluto rsyslogd: not permitted to talk to peer, certificate invalid: signer is not a CA
I can reproduce the problem with gnutls-cli:
gnutls-cli -V --x509cafile /etc/ssl/
pluto.computer4
--> - Peer's certificate issuer is not a CA
If I add '--priority NORMAL:
See also http://
https:/