Bug#737921: [TLS1.2] gnutls only likes SHA1 and SHA256 certificates
Tobias Fiebig
tfiebig at wybt.net
Sat Apr 19 09:50:04 UTC 2014
Heho,

I'd like to push this issue again. My point may not have come across in
my previous post.

With the Heartbleed stuff many people currently re-issue. In the same
process some CAs now decided to bump their settings to max, i.e. impose
sha512 on their users.

The bug in place basically means no ssl/tls for openldap related
programs in those cases.

Although people _could_ technically re-issue, switch to their own
CA/self-signed certs or switch to a CA which does support sth. != sha512,
such a solution is most certainly not convenient.

With best regards,
Tobias