View Issue Details

IDProjectCategoryView StatusLast Update
0001095Main CAcert Websitecertificate issuingpublic2013-01-07 21:41
ReporterINOPIAE Assigned ToNEOatNHNG  
PrioritynormalSeverityminorReproducibilityhave not tried
Status needs workResolutionwon't fix 
Summary0001095: Problems with creating server sertificate where the csr is created with Java SDK Tools
DescriptionWhen creating a csr for the server sertificates with Java SDK Tools
eg:
Beispiel:
keytool -genkey -alias test.test.net -keyalg RSA -keystore test.test.net.ks
-validity 1095

The certificte request stayes open and is not processed.
If openssl is used everything works fine
Additional Informationsee Ticket [s20120910.45]
TagsNo tags attached.
Reviewed by
Test Instructions

Relationships

related to 0001101 needs workTimoAHummel general rewrite of get info from csr routine in includes/general.php 

Activities

NEOatNHNG

2012-09-11 21:44

administrator   ~0003187

Unable to reproduce, wrote mail to user. Let's see whether we can figure it out.

NEOatNHNG

2012-09-13 01:16

administrator   ~0003195

User generated a CSR which uses the insecure hash algorithm MD2 (https://en.wikipedia.org/wiki/MD2_%28cryptography%29) which has been discontinued in OpenSSL and therefore "openssl req -verify" fails with "140071148226208:error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message digest algorithm:a_verify.c:174:"

I don't think it would be worth a fix (would take quite some time for a questionable feature)

NEOatNHNG

2012-09-14 21:43

administrator   ~0003197

OK, the issue should not be fixed as such but maybe give a more reasonable error message. Could be done in the check_weak_keys routine

Issue History

Date Modified Username Field Change
2012-09-11 08:46 INOPIAE New Issue
2012-09-11 21:44 NEOatNHNG Note Added: 0003187
2012-09-11 21:44 NEOatNHNG Assigned To => NEOatNHNG
2012-09-11 21:44 NEOatNHNG Status new => needs feedback
2012-09-13 01:16 NEOatNHNG Note Added: 0003195
2012-09-13 01:16 NEOatNHNG Status needs feedback => solved?
2012-09-13 01:16 NEOatNHNG Resolution open => won't fix
2012-09-14 21:43 NEOatNHNG Note Added: 0003197
2012-09-14 21:43 NEOatNHNG Status solved? => needs work
2013-01-07 21:41 Werner Dworak Relationship added related to 0001101