GPGSM: Chain too long on cross signed certificate
Open, NormalPublic
Actions

Assigned To

None

Authored By

	aheinecke
	Feb 22 2017, 3:06 PM

Description

Attached is a certificate that made Kleopatra crash (related issue) but it also
causes GPGSM to fail when it is used as a recipient with:

gpgsm: certificate chain too long

gpgsm: can't encrypt to 'guido@guido-w.de': Bad certificate chain

The likely cause for it is that it has a cyclic issuer chain where:

The Comodo CA certificate is signed by AddTrust External CA Root, which itself
is cross signed by UTN - DATACorp SGC, meaning UTN - DATACorp SGC is itself
again signed by AddTrust.

Details

External Link: https://bugs.kde.org/show_bug.cgi?id=376563
Version: master

Related Objects
Search...

		Status	Assigned	Task
		Open	None	T5882 Cross signing certificate in X.509 support
		Open	None	T2972 GPGSM: Chain too long on cross signed certificate

Event Timeline

955_recursive-chain.pem37 KBDownload

• gniibe added a parent task: T5882: Cross signing certificate in X.509 support.Mar 17 2022, 12:48 AM

• gniibe mentioned this in T5882: Cross signing certificate in X.509 support.Mar 28 2022, 8:37 AM

GPGSM: Chain too long on cross signed certificateOpen, NormalPublicActions

Description

Details

Related ObjectsSearch...

Event Timeline

GPGSM: Chain too long on cross signed certificate
Open, NormalPublic
Actions

Related Objects
Search...