Package: libssl1.0.0 Version: 1.0.1e-2+deb7u14 Severity: important Dear Maintainer,
After upgrading to 1.0.1e-2+deb7u13 Client Certificate Verification failed. Reproduce: root@neo:~# apt-show-versions libssl1.0.0 libssl1.0.0/wheezy upgradeable from 1.0.1e-2+deb7u13 to 1.0.1e-2+deb7u14 root@neo:~# openssl verify -CAfile myCa.cer myClient.pem myClient.pem: OK root@neo:~# apt-get upgrade root@neo:~# apt-show-versions libssl1.0.0 libssl1.0.0/wheezy uptodate 1.0.1e-2+deb7u14 root@neo:~# openssl verify -CAfile myCa.cer myClient.pem myClient.pem: CN = My Client, emailAddress = [email protected] error 7 at 0 depth lookup:certificate signature failure As a workaround i keep the u13 version, but what can cause this error ? We use this cerificate for client-authentication in nginx, which throws a comparable error client SSL certificate verify error: (7:certificate signature failure) Kind Regards Marco -- System Information: Debian Release: 7.8 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libssl1.0.0 depends on: ii debconf [debconf-2.0] 1.5.49 ii libc6 2.13-38+deb7u7 ii multiarch-support 2.13-38+deb7u7 ii zlib1g 1:1.2.7.dfsg-13 libssl1.0.0 recommends no packages. libssl1.0.0 suggests no packages. -- debconf information: libssl1.0.0/restart-failed: libssl1.0.0/restart-services: -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
