On Tue, 2013-07-09 at 10:58 -0400, Steve Madsen wrote: > For anyone that runs across this thread in the future, I have solved > the problem and is it ever maddening. > > GNU TLS was choking on the contents of the certificate file because > pasting them from an email added an extra space at the end of each > line. I removed the spaces and Exim is happily using the certificate > and key. > > Graeme, thanks for the push towards GNU TLS. There was just enough > chatter about how GNU TLS is more strict than OpenSSL for me to > ultimately discover the root cause.
Have you reported this as a bug upstream to GnuTLS? If OpenSSL accepts these certs then it would seem sensible for GnuTLS to do so. If *not*, then you end up with GnuTLS being suboptimal as a replacement for OpenSSL for projects like Exim, because it doesn't let us remain backward-compatible with existing setups. Although you could also work out where the extra space came from, and ensure you file a bug for that too. Cutting and pasting from email shouldn't corrupt the contents. -- dwmw2
smime.p7s
Description: S/MIME cryptographic signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
