This bug was fixed in the package openssl - 1.1.1f-1ubuntu2.4 --------------- openssl (1.1.1f-1ubuntu2.4) focal; urgency=medium
* Allow x509 certificates which set basicConstraints=CA:FALSE,pathlen:0 to validate, as it is common on self-signed leaf certificates. (LP: #1926254) - d/p/lp-1926254-1-Allow-certificates-with-Basic-Constraints-CA-fa.patch - d/p/lp-1926254-2-Set-X509_V_ERR_INVALID_EXTENSION-error-for-inva.patch - d/p/lp-1926254-3-Add-test-cases-for-the-non-CA-certificate-with-.patch -- Matthew Ruffell <matthew.ruff...@canonical.com> Wed, 28 Apr 2021 12:37:28 +1200 ** Changed in: openssl (Ubuntu Focal) Status: Fix Committed => Fix Released ** Changed in: openssl (Ubuntu Groovy) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1926254 Title: x509 Certificate verification fails when basicConstraints=CA:FALSE,pathlen:0 on self-signed leaf certs To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1926254/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs