Certificate Validation Differences
Description of problem:
For the two certificates I provided, both contained the SKI extension, but the value was 0. Both certificates failed the verification of openssl, while the verification results of gnutls showed differences Cert1732784125104D1.pem passed the verification of gnutls, while Cert1732784125103D1.pem failed.
Version of gnutls used:
gnutls-cli 3.7.3
Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
Ubuntu
How reproducible:
Steps to Reproduce:
- one certtool --verify --load-ca-certificate RootCA.pem --infile Cert1732784125103D1.pem
- two certtool --verify --load-ca-certificate RootCA.pem --infile Cert1732784125104D1.pem
Actual results:
Cert1732784125104D1.pem:Verified, The certificate is trusted. Cert1732784125103D1.pem:Not verified. The certificate is NoT trusted.
Expected results:
Cert1732784125104D1.pem:Not verified. The certificate is NoT trusted.