Re: x509 AlgorithmIdentifier parameters

Philip Martin writes: > In Marc's case getting a new server cert that is not RSASSA-PSS might be > the best solution. r1822996 fixes the x509 parser on trunk. It doesn't mean that the client will be able to verify the RSASSA-PSS certs (you would need an OpenSSL fix

Re: x509 AlgorithmIdentifier parameters

Philip Martin writes: > Looking back at the original mail it looks as if the error is produced > by x509parse.c:x509_get_alg() via svn_x509_parse_cert(), in particular > it is probably this assumption: > > /* >* assume the algorithm parameters must be NULL >*/