[Pkg-openssl-devel] Bug#544819: Bug#544819: libssl0.9.8: asn1 encoding routines:ASN1_item_verify:unknown message digest algorithm:a_verify.c:146:
Kurt Roeckx
kurt at roeckx.be
Mon Sep 7 20:55:14 UTC 2009
severity 544819 important
merge 544819 541735
thanks
On Thu, Sep 03, 2009 at 08:00:24AM +0200, Michael Neuffer wrote:
> Package: libssl0.9.8
> Version: 0.9.8k-4
> Severity: serious
>
> fetchmail: Server certificate verification error: certificate signature failure
> 32201:error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message digest algorithm:a_verify.c:146:
> 32201:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed:s3_clnt.c:983:
> fetchmail: SSL connection failed.
> fetchmail: socket error while fetching from foobarbaz at securepop.t-online.de
> fetchmail: Query status=2 (SOCKET)
> fetchmail: sleeping at Mon Aug 31 12:05:17 2009 for 180 seconds
> fetchmail: awakened at Mon Aug 31 12:08:17 2009
> fetchmail: Error exchanging credentials
> fetchmail: Server certificate verification error: certificate signature failure
> 32201:error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message digest algorithm:a_verify.c:146:
> 32201:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed:s3_clnt.c:983:
> fetchmail: SSL connection failed.
> fetchmail: socket error while fetching from foobarbaz at securepop.t-online.de
> fetchmail: Query status=2 (SOCKET)
>
It's a known issue of the security update. It seems that
verisign's root certificate is making use of MD2.
Kurt
More information about the Pkg-openssl-devel
mailing list