On 10/22/2012 07:08 PM, [email protected] wrote:
> Cannot secure the https (SSL) connection to sso.ncl.edu.tw port 443; 
> [IO(gnutls): Key usage
> violation in certificate has been detected.].

I think the "key usage violation" here is that the server wants to
negotiate only a diffie-hellman cipher suite and the key is marked only
as legitimate for:

                Key Usage (critical):
                        Key encipherment.
                        Data encipherment.


I'm able to connect cleanly if i instruct the client to not try to
negotiate DHE-RSA cipher suites.

   gnutls-cli --priority NORMAL:-DHE-RSA sso.ncl.edu.tw

The server administrators should not have their server
(Apache-Coyote/1.1?) configured to negotiate DHE cipher suites if their
key is not marked with the keyAgreement flag.

See:

 https://tools.ietf.org/html/rfc5280#page-31

>>       The keyAgreement bit is asserted when the subject public key is
>>       used for key agreement.  For example, when a Diffie-Hellman key is
>>       to be used for key management, then this bit is set.

So this is a bug in their server configuration (and possibly in the
non-gnutls clients which continue with the TLS session in the face of an
invalid certificate for the selected key exchange method, i they choose
a diffie-hellman ciphersuite), but not a bug in gnutls.

hth,

        --dkg

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to