Package: openvpn
Version: 2.1~rc7-1
Severity: normal
option --ns-cert-type server fails on CACert certificates
which have a broader scope than just server key usage:
- TLS Web Client Authentication
- TLS Web Server Authentication
- Netscape Server Gated Crypto
- Microsoft Server Gated Crypto
Probably when parsing the certificate it retains only the first type
which is here "client" and the openvpn connection fails with a
VERIFY nsCertType ERROR: /CN=vpn.yobi.be, require nsCertType=SERVER
Phil
--- System information. ---
Architecture: i386
Kernel: Linux 2.6.22-3-vserver-686
Debian Release: lenny/sid
990 testing www.debian-multimedia.org
990 testing security.debian.org
990 testing ftp.kulnet.kuleuven.ac.be
500 unstable www.debian-multimedia.org
500 unstable sidux.net
500 unstable ftp.kulnet.kuleuven.ac.be
500 unstable debian.jones.dk
500 stable security.debian.org
1 experimental ftp.kulnet.kuleuven.ac.be
--- Package information. ---
Depends (Version) | Installed
=============================-+-==============
debconf | 1.5.21
OR debconf-2.0 |
libc6 (>= 2.7-1) | 2.7-10
liblzo2-2 | 2.03-1
libpam0g (>= 0.99.7.1) | 0.99.7.1-6
libssl0.9.8 (>= 0.9.8f-5) | 0.9.8g-10
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
