[log in to unmask] wrote
Thu, 26 Jun 2014 13:46:10 +0000:
| hi,
|
| I'm sure we've discussed this before...but cant recall seeing a fix in behaviour
| so chucking it back onto the RADAR for discussion/action (if I need to raise a bug
| report than tell me on which repository ;-) )
|
| currently, we are editing the certificate file when creating client.pem file so that it ONLY has
| -----BEGIN CERTIFICATE-----
| certificate data here
| -----END CERTIFICATE------
|
| rather than having any other content...which it will , by default, as commonly you get the
| other text stuff present eg
|
| Bag Attributes
| localKeyID: A6 22 35 BD 00 1C 2B 20 DE A4 29 BD D0 E4 21 2E 2A 69 90 32
| Key Attributes: <No Attributes>
|
| etc etc.
|
|
| a utility using SSL libraries should only care about the main stuff and ignore anything else
| in the file, it would be nice/proper for libradsec to do so.
|
| many thanks
|
| alan
Hi Alan,
Yes, this has been up before. My (late) response back then was that I
was unable to reproduce the problem. My (late) response now is the same,
I'm afraid. I just tried
$ examples/client examples/client.conf blocking-tls
with a 'certfile' containing the output from 'openssl x509 -text',
i.e. starting with
--8<---------------cut here---------------start------------->8---
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
--8<---------------cut here---------------end--------------->8---
If you provide me with a certificate that fails for you, I will see if I
can reproduce it using that one.
Thanks,
Linus
|