[Mono-bugs] [Bug 76279][Nor] Changed - CERT_E_CHAINING problem for server certificate

[bugzilla-daemon at bugzilla.ximian.com]

Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.

Changed by sebastien at ximian.com.

http://bugzilla.ximian.com/show_bug.cgi?id=76279

--- shadow/76279	2005-10-03 11:05:07.000000000 -0400
+++ shadow/76279.tmp.4606	2005-10-03 12:21:40.000000000 -0400
@@ -282,6 +282,33 @@
 
 
 ------- Additional Comments From yngve.zackrisson at mobila-kontoret.se  2005-10-03 11:05 -------
 Created an attachment (id=15870)
 Result of a 'certmgr -list -c -m Trust' on the server. Look for CA 17 ... .
 
+
+------- Additional Comments From sebastien at ximian.com  2005-10-03 12:21 -------
+You mean this entry ?
+
+Self-signed X.509 v3 Certificate
+  Serial Number: BD98CA57CC1ECCE100
+  Issuer Name:   C=SE, L=Stockholm, O=Test Company AB, OU=IT
+Department - CA 17c[3~, CN=Test Company CA 17c
+  Subject Name:  C=SE, L=Stockholm, O=Test Company AB, OU=IT
+Department - CA 17c[3~, CN=Test Company CA 17c
+  Valid From:    10/3/2005 3:52:47 PM
+  Valid Until:   11/2/2005 2:52:47 PM
+  Unique Hash:   9675368992A3B21DE8420114A741430BBBE1F18A
+
+* There's (probably) nothing wrong with the serial number. It can be
+any, non negative, integer (of any length). I say "probably" because
+it could be a negative integer if a 0x00 byte wasn't preceding the
+first byte. Anyway this positive/negative issue doesn't affect Mono.
+
+* The Issuer|Subject name seems to be an encoding issue - probably due
+to the charset used in creating the certificate. This could be an
+issue when matching certificates (depending on how the end-entity
+certificates are created/encoded).
+
+* Please note that all certificates not listed as "Self-signed X.509
+v3 Certificate" in your 'Trust' store are probably mis-configuration
+(unless you have specific code to interpret them inside your application).