Bug#514578: LDAP STARTTLS is broken

Witold Baryluk baryluk at smp.if.uj.edu.pl
Fri Feb 13 14:37:35 UTC 2009

On 02-12 21:24, Simon Josefsson wrote:
> Witold Baryluk <baryluk at smp.if.uj.edu.pl> writes:
> > I had the same problem today with 2.4.2-5,
> > on my Lenny boxes. 2.4.2-6 also doesn't work. Reverted not to 2.4.2-4.
> >
> > I will regenerate all certificates but this bug is quite invasive.
> > Mayby there should be some flags in configuration, or more verbose
> > information about problem on upgrade.
> Can you elaborate on what you mean the "same problem"?  This bug report
> discuss several distinct problems, and it helps to understand whether
> your problem is with RSA-MD5 signatures or with V1 CAs, or something
> else.
> Thanks,
> /Simon

The same as orginal bugreport. My private CA certificate is signed with MD5.
I know that it is not secure, but I suppose it can break lots of machnies
if administrators of them will not be informed properly (or some environment
flag for temporarly allowing this).

Can provide any logs if needed.


Witold Baryluk
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-gnutls-maint/attachments/20090213/ee5a5e78/attachment.pgp 

More information about the Pkg-gnutls-maint mailing list