Page MenuHome GnuPG
Create Task
Maniphest T825

mark-trusted problem with: GTE CyperTrust Global Root
Closed, ResolvedPublic
Actions

Description

Validating the certificate "GTE CyperTrust Global Root"
in Kleopatra does not lead to the opurtunity to
mark it trutsted. (allow-mark-trusted is configured and
the procedure works for other root certificates).

The certificate in question is attached.

Details

Version
2.0.5

Related Objects

Mentioned Here
D8: 22_patch.gnupg.3

Event Timeline

Jan-Oliver_Wagner added projects: S/MIME, gnupg, Bug Report.Aug 22 2007, 2:05 PM
Jan-Oliver_Wagner added a subscriber: Jan-Oliver_Wagner.

142_gte.pem1 KBDownload

Jan-Oliver_Wagner set Version to 2.0.5.Aug 22 2007, 2:05 PM
bernhard assigned this task to werner.Aug 22 2007, 4:43 PM
bernhard added subscribers: bernhard, werner.
werner added a project: kks.Aug 23 2007, 9:58 AM
werner added a comment.Aug 24 2007, 8:45 AM

Well, GTE seems to be one of this money printing companies without any security
clues. The certificate uses MD5, is valid for 20 years (still 11 to go)(!) and
is missing the required basicConstraints.

Workaround is to use the "relax" flag. This needs to be applied manually using
an editor in trustlist.txt:

97:81:79:50:D8:1C:96:70:CC:34:D8:09:CF:79:44:31:36:7E:F4:74 S relax

werner added a project: Restricted Project.Aug 24 2007, 8:45 AM
Jan-Oliver_Wagner added a comment.Aug 24 2007, 9:29 AM

I added this line to my trustlist.txt and
applied "Validate" in Kleopatra again, but
same result as before.

Jan-Oliver_Wagner closed this task as Resolved.Aug 24 2007, 9:31 AM
Jan-Oliver_Wagner removed a project: Restricted Project.

Sorry, gpg-agent needs to be restartet. Now it works.
Resolving.