a...@gedanken.demon.co.uk (Andrew M. Bishop) writes: > One thing that I noticed during the debugging of this problem is that > the newly created certificates (above) are described by certtool as > "Version: 3" but the WWWOFFLE ones are "Version: 1".
V1 CA certs should be permitted in latest GnuTLS, but it was disabled during some releases. I suspect this is not well tested, V1 certs are rare, so there could be some bug. Could you enable certification validation logging somehow? Or run gnutls-cli/gnutls-serv with logging enabled. /Simon -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
