As some of you may know, KDE uses OpenSSL for Konqueror. Lately, we have
been noticing new "Class 3" certificates from Verisign which OpenSSL seems to
be choking on. I have attached the CA root files in DER form, along with
some example certificates presented by various sites. Another one that
behaves the same is Equifax Secure eBusiness CA-2 issued certificates. I
even tried OpenSSL 0.9.6a and 0.9.5a command line util to try to verify these
against the CA file and it just gives errors of various sorts. Looking at
the text forms, it seems that it just can't parse it properly. Does anyone
have any ideas what could be up? (Other CA's seem to work fine)
--
George Staikos
certproblems.tgz
