[Pkg-openssl-devel] Bug#648285: More information
martin f krafft
madduck at debian.org
Thu Nov 10 15:22:34 UTC 2011
also sprach martin f krafft <madduck at debian.org> [2011.11.10.1601 +0100]:
> When the client presents a certificate (which is not expired,
> I checked), however, the server says:
>
> postfix/smtpd[4981]: warning: TLS library problem:
> 4981:error:0D0C50A1:asn1 encoding
> routines:ASN1_item_verify:unknown message digest
> algorithm:a_verify.c:141:
Just before this, the server notes:
postfix/smtpd[28763]: CA certificate verification failed for
fishbowl.gern.madduck.net[2001:a60:f0fb:0:224:d7ff:fe04:c82c]:
num=7:certificate signature failure
However, the certificate is unchanged and verifiable:
% openssl verify -CAfile /etc/ssl/certs/cacert.org.pem -purpose
sslclient /etc/ssl/certs/fishbowl.gern.madduck.net.pem
/etc/ssl/certs/fishbowl.gern.madduck.net.pem: OK
--
.''`. martin f. krafft <madduck at d.o> Related projects:
: :' : proud Debian developer http://debiansystem.info
`. `'` http://people.debian.org/~madduck http://vcs-pkg.org
`- Debian - when you have better things to do than fixing systems
-------------- next part --------------
A non-text attachment was scrubbed...
Name: digital_signature_gpg.asc
Type: application/pgp-signature
Size: 1124 bytes
Desc: Digital signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)
URL: <http://lists.alioth.debian.org/pipermail/pkg-openssl-devel/attachments/20111110/5e74ede4/attachment.pgp>
More information about the Pkg-openssl-devel
mailing list