TLS certificate Issuer and Subject are mixed up

Advertisement

/usr/local/dick
Joined:
Posts:
1
Location:
Amsterdam

TLS certificate Issuer and Subject are mixed up

Hi guys

I am trying to connect to our Pure-FTPD server (Ubuntu 8.04 LTS 32-bit, pure-ftpd-postgresql 1.0.21-11.1ubuntu2).
This server is configured to do TLS.
Upon connecting, I get a certificate warning. The issue is not with the fact that there is a warning, it is about the content of the warning.
The warning message seems to mix up the certificate Issuer and the certificate Subject.
Don't get fooled by the names, in this case the "Organization" of both the subject and issuer are the same.

This is Winscp-5.1.3 on a clean Windows 7 64-bit VM.

Attached is a screendump, some OpenSSL debugging, and the X509 key material.

Description: Screendump of warning message from WinSCP, with mixed up Issuer and Subject

winscp_issuer_subject_mixup.PNG

Description: X509 PEM file as used by Pure-FTPD server.
Description: Ouput of OpenSSL command:

echo QUIT | openssl s_client -CAfile /etc/ssl/certs/ca-certificates.crt -starttls ftp -connect www.terena.org:21

You can check this yourself as this is a public system.

Reply with quote E-mail

Advertisement

You can post new topics in this forum