Bug#887637: rsyslog-gnutls: TLS server does not send intermediate certificates, breaking verification

Arne, Rainer from upstream here. Thanks for the patch. I will see that I can integrate it into upstream source. Question, due to GDPR: is it OK for you to be set as the author inside git? If so, that means we can not remove your personal information at a later time as this would break the master

Bug#887637: rsyslog-gnutls: TLS server does not send intermediate certificates, breaking verification

Hi Arne On Mon, 22 Jan 2018 11:25:42 +0100 Arne Nordmark wrote: > On Thu, 18 Jan 2018 16:27:35 +0100 Arne Nordmark > wrote: > > > > gtlsLoadOurCertKey() uses gnutls_x509_crt_import() on the file data, > and this function only handles one cert. >

Bug#887637: rsyslog-gnutls: TLS server does not send intermediate certificates, breaking verification

On Thu, 18 Jan 2018 16:27:35 +0100 Arne Nordmark wrote: > > gtlsLoadOurCertKey() uses gnutls_x509_crt_import() on the file data, and this function only handles one cert. > If one uses gnutls_x509_crt_list_import() instead, intermediate certs could be supported. With

Bug#887637: rsyslog-gnutls: TLS server does not send intermediate certificates, breaking verification

Package: rsyslog-gnutls Version: 8.24.0-1 Severity: normal The setup consists of a TLS-enabled rsyslog server and TLS-enbled rsyslog clients without using client certificate authentication. When DefaultNetstreamDriverCertFile on the server specifies a file with a single cert (which is signed