[Bug 1207123] Re: Key usage violation in certificate has been detected
Brian Murray
brian at ubuntu.com
Wed Aug 14 16:35:10 UTC 2013
** Changed in: gnutls26 (Ubuntu Precise)
Importance: Undecided => Medium
** Changed in: gnutls26 (Ubuntu Quantal)
Importance: Undecided => Medium
** Changed in: gnutls26 (Ubuntu Precise)
Status: New => Triaged
** Changed in: gnutls26 (Ubuntu Quantal)
Status: New => Triaged
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnutls26 in Ubuntu.
https://bugs.launchpad.net/bugs/1207123
Title:
Key usage violation in certificate has been detected
Status in “gnutls26” package in Ubuntu:
Fix Released
Status in “gnutls26” source package in Precise:
Triaged
Status in “gnutls26” source package in Quantal:
Triaged
Bug description:
[Impact]
A certificate issued to allow _only_ a certain ciphersuite (e.g. RSA) gnutls will fail with a key usage violation unless the server explicitly disables all other ciphersuites.
[Test Case]
+ On a 12.04 system install a valid certificate supporting only RSA
+ Configure an ssl enabled website via apache2 using the above certificate
+ Run gnutls-cli <hostname>
[Regression Potential]
The fix for this was pulled from 13.04 and so far no major bugs have been filed relating to this specific issue.
[Additional]
As stated above the attached debdiff(s) for quantal and precise were pulled from 13.04 where the code just ignores this violation and moves on. I don't know of a better way to handle this and perhaps someone with more knowledge around gnutls could provide more insight.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1207123/+subscriptions
More information about the foundations-bugs
mailing list