[Bug 1207123] [NEW] Key usage violation in certificate has been detected

Launchpad Bug Tracker 1207123 at bugs.launchpad.net
Mon Aug 5 16:04:13 UTC 2013


You have been subscribed to a public bug by Adam Stokes (adam-stokes):

[Impact]
A certificate issued to allow _only_ a certain ciphersuite (e.g. RSA) gnutls will fail with a key usage violation unless the server explicitly disables all other ciphersuites.

[Test Case]
+ On a 12.04 system install a valid certificate supporting only RSA
+ Configure an ssl enabled website via apache2 using the above certificate
+ Run gnutls-cli <hostname>

[Regression Potential]
The fix for this was pulled from 13.04 and so far no major bugs have been filed relating to this specific issue.

[Additional]
As stated above the attached debdiff(s) for quantal and precise were pulled from 13.04 where the code just ignores this violation and moves on. I don't know of a better way to handle this and perhaps someone with more knowledge around gnutls could provide more insight.

** Affects: gnutls26 (Ubuntu)
     Importance: Undecided
         Status: Fix Released

** Affects: gnutls26 (Ubuntu Precise)
     Importance: Undecided
         Status: New

-- 
Key usage violation in certificate has been detected
https://bugs.launchpad.net/bugs/1207123
You received this bug notification because you are a member of Ubuntu Sponsors Team, which is subscribed to the bug report.



More information about the Ubuntu-sponsors mailing list