[Mono-dev] [PATCH] Bug in X509Chain?

Yngve Zackrisson yngve.zackrisson at mobila-kontoret.se
Tue Dec 27 15:47:01 EST 2005


Hi Sebastien.

Sorry for the delay, but I have updated my bugg report 

    #76279 - CERT_E_CHAINING problem for server certificate 

now with an updated recreation procedure.

To be able to reproduce the problem You have to create the 
certs with openssl (on Linux).
The procedure for that is well documented.

BTW. I will be off my project now (for some time?) 
so I may not be able to answer any questions.
I hope You will be able to recreate the problem anyhow.

BTW 2. On the server i run Linux Fedora core 3 
and my Mono version is 1.9.1. 

Happy New Year.



Yngve Zackrisson

Mobila-Kontoret / CK Management AB.


On Thu, 2005-12-08 at 20:36, Yngve Zackrisson wrote:
> On Thu, 2005-12-08 at 14:04, Sebastien Pouliot wrote:
> > Hello Yngve,
> > 
> > On Thu, 2005-12-08 at 10:25 +0100, Yngve Zackrisson wrote:
> > > This problem seems similar to an issue I have reported on Bugzilla 
> > > (#76279 - CERT_E_CHAINING problem for server certificate).
> > 
> > That's very possible. Vincent problem seems to come from how it's being
> > used and not the certificate themselves (which could explain why I
> > couldn't replicate #76279).
> > 
> > Could you try the patch and update the bug report with your findings ?
> 
> Hello Sebastien
> 
> I can try ... .
> 
> As You might remember I generate my certificates with openssl.
> I have the procedure for certificate generation well documented now 
> an I have 2 configuration files for each of the client and server certs.
> You can ether get an updated version of this (and the test programs) 
> or I can create the certs for You - but then I need the CN for 
> Your test client machine and Your test server machine.
> The test client machine should be a Win32 .NET 1.1 client and 
> the test server machine should be a Linux Mono (1.1.9) server
> for my testcase to work.
> 
> Regards 
> 
> // Yngve Zackrisson.
> // 
> // Mobila-Kontoret / CK Management AB.
> 
> > 
> > Thanks.
> > 
> > > The request is done through HTTPS.
> > 
> > Many certificate checks are protocol specific (e.g. SSL, HTTPS) but the
> > chaining is, currently, identical for all purpose.




More information about the Mono-devel-list mailing list