[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Help-gnutls] Re: Error making certificate
From: |
Simon Josefsson |
Subject: |
[Help-gnutls] Re: Error making certificate |
Date: |
Mon, 12 Mar 2007 16:52:14 +0100 |
User-agent: |
Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.94 (gnu/linux) |
devel <address@hidden> writes:
> certtool (GnuTLS) 1.6.1
> linux x64
>
>
>> certtool -q --outfile new-user.csr
> Certificate request data input in a shell, certtool ask for it.
Thanks! I can reproduce it. It seems pkix_asn1_tab.c wasn't
re-generated after fixing the following problem in 1.6.1:
** Encode UID fields in DN's as DirectoryString. Before GnuTLS
encoded and parsed UID fields as IA5String. This was incorrect, it
should have used DirectoryString. Now it will use DirectoryString
for the UID field, but for backwards compatibility it will also
accept IA5String UID's. Reported by Max Kellermann
<address@hidden>.
I have fixed this in CVS for the 1.6.x branch:
** Regenerate the PKIX ASN.1 syntax tree. For some reason, after
changing the ASN.1 type of ldap-UID in the last release, the
generated C file built from the ASN.1 schema was not refreshed. This
can cause problems when reading/writing UID components inside X.500
Distinguished Names. Reported by devel <address@hidden>.
Please test tomorrow's daily build and tell me if it solves the
problem for you, and I can release 1.6.2.
Btw, if anyone wants something in 1.6.2, now would be the time to ask
for it.
/Simon
>
>
>
>
> El lun, 12-03-2007 a las 13:40 +0100, Simon Josefsson escribió:
>> devel <address@hidden> writes:
>>
>> > Hello, I am trying to use certtool to make certificate, like another
>> > times.
>> > But this time, with another version of gnutls and other arch, my script
>> > do not work. Here is de problem:
>> >
>> >
>> >> certtool -p > new-user.key
>> >
>> > Work
>> >> certtool -q --outfile new-user.csr --load-privkey new-user.key --password
>> >> $PASS
>> >
>> > fail, response of system after input parameters:
>> >
>> >> set_dn: ASN1 parser: Element was not found.
>> >
>> > Any suggestion?
>>
>> Can you send me the CSR that trigger the problem? Which version of
>> GnuTLS are you using, and which version of GnuTLS worked before for
>> you?
>>
>> It sounds as if the CSR doesn't contain some field which certtool need
>> to have.
>>
>> /Simon
> --
> --
> Devel in Precio http://www.pas-world.com