mark-trusted problem with: GTE CyperTrust Global Root
Closed, ResolvedPublic

Description

Validating the certificate "GTE CyperTrust Global Root"
in Kleopatra does not lead to the opurtunity to
mark it trutsted. (allow-mark-trusted is configured and
the procedure works for other root certificates).

The certificate in question is attached.

Details

Version
2.0.5

Related Objects

bernhard assigned this task to werner.Aug 22 2007, 4:43 PM
bernhard added subscribers: bernhard, werner.

Well, GTE seems to be one of this money printing companies without any security
clues. The certificate uses MD5, is valid for 20 years (still 11 to go)(!) and
is missing the required basicConstraints.

Workaround is to use the "relax" flag. This needs to be applied manually using
an editor in trustlist.txt:

97:81:79:50:D8:1C:96:70:CC:34:D8:09:CF:79:44:31:36:7E:F4:74 S relax

I added this line to my trustlist.txt and
applied "Validate" in Kleopatra again, but
same result as before.

Jan-Oliver_Wagner closed this task as Resolved.

Sorry, gpg-agent needs to be restartet. Now it works.
Resolving.