On Wed, 30 Mar 2005, Nikos Mavrogiannopoulos wrote:
In DHE_RSA the RSA certificate is used to sign a diffie hellman key exchange. This offers perfect forward secrecy, which means that if the certificate is compromised at a future date, the old session data are still safe. This property is not available in the plain RSA ciphersuite.
I see.
Okay, I changed the CA setup so that key usage is now Digital Signature and Key Encipherment.
Now connecting with gnutls-cli works.
However, I am still seeing problems with another smtpd which is linked against gnutls.
Connecting with gnutls-cli --x509certfile /etc/ssl/certs/ca-certificates.crt --x509keyfile /etc/exim4/smtp_client.key -s -p 25 mail2.bawue.de
still gives:
*** Fatal error: Key usage violation in certificate has been detected. *** Handshake has failed
As this only happens when the x509keyfile is used, I checked the keyfile for the allowed usages and it has Digital Signature and Key Encipherment as well.
Reading http://www.ietf.org/rfc/rfc2459.txt it is not exactly clear if this is correct or not.
keyAgreement and decipherOnly might be okay as well.
Any suggestions?
> Well it would be useless for a certificate to have the key usage bits set when nobody actually checks them. If you use them, it's probably because you want to limit the key's scope, and gnutls is just enforcing it. If you don't want these checks, you shouldn't put such extensions to your certificates.
True. But it might be considered a bad idea for programs which worked previously to fail as soon as they are linked against gnutls.
bye, andreas
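To make the key-usage check discussed above concrete, here is an added example (not code from the thread or from gnutls) that decodes an X.509 KeyUsage extension value, the DER BIT STRING defined in RFC 2459 section 4.2.1.3, and tests it against the bit each TLS key exchange needs. The exchange-to-bit mapping is the standard one (RSA key transport needs keyEncipherment, DHE_RSA needs digitalSignature because the certificate signs the DH parameters, static DH needs keyAgreement, and a client certificate needs digitalSignature for CertificateVerify); the sample bytes are constructed.

```python
# Added example, not part of the original thread. Decodes a DER-encoded
# KeyUsage value (RFC 2459 4.2.1.3) and checks it against a key exchange.

# Bit positions as defined in the RFC's BIT STRING: bit 0 is the first
# (most significant) bit of the first content byte.
KEY_USAGE_BITS = [
    "digitalSignature", "nonRepudiation", "keyEncipherment",
    "dataEncipherment", "keyAgreement", "keyCertSign", "cRLSign",
    "encipherOnly", "decipherOnly",
]

# KeyUsage bit a certificate must assert for each key-exchange role
# (standard TLS mapping, not gnutls source).
REQUIRED_BIT = {
    "RSA": "keyEncipherment",           # server decrypts the premaster secret
    "DHE_RSA": "digitalSignature",      # server signs the DH parameters
    "ECDHE_RSA": "digitalSignature",
    "DH_RSA": "keyAgreement",           # static DH key inside the certificate
    "client_auth": "digitalSignature",  # client signs CertificateVerify
}


def decode_key_usage(der: bytes) -> set:
    """Decode a DER BIT STRING (tag 0x03) into the set of asserted usages."""
    if len(der) < 3 or der[0] != 0x03:
        raise ValueError("not a DER BIT STRING")
    length = der[1]
    if length & 0x80 or 2 + length != len(der):
        raise ValueError("unsupported or inconsistent length")
    unused, body = der[2], der[3:]
    if not body:
        return set()  # empty bit string: no usage asserted
    if unused > 7:
        raise ValueError("invalid unused-bits count")
    nbits = len(body) * 8 - unused
    usages = set()
    for i in range(min(nbits, len(KEY_USAGE_BITS))):
        byte, bit = divmod(i, 8)
        if body[byte] & (0x80 >> bit):
            usages.add(KEY_USAGE_BITS[i])
    return usages


def key_usage_violation(usages: set, exchange: str) -> bool:
    """True when the certificate's KeyUsage forbids the given key exchange."""
    return REQUIRED_BIT[exchange] not in usages


# Constructed sample: digitalSignature + keyEncipherment (bits 0 and 2).
SAMPLE_KU = bytes.fromhex("030205a0")
```

With SAMPLE_KU both RSA and DHE_RSA pass, while a certificate carrying only digitalSignature fails the RSA check, which is the situation the error message above reports.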
Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
