Hello,
it is solved. Special thanks to Andreas Metzler:
Andreas Metzler <eximusers@???> (Mo 15 Jun 2009 19:32:54 CEST):
> Heiko Schlittermann <hs@???> wrote:
> [...]
> gnutls night not be able to read the file-format, or perhaps
> the signature algoritm is RSA-MD2, or whatever.
...
and to Richard Clayton:
Richard Clayton <richard@???> (Di 16 Jun 2009 12:18:46 CEST):
...
> You would be well advised to move to SHA1 sooner rather than later, and
> prepare to change hash function again in 2010
My own (openssl) CA now uses "default_md = sha1" (instead of "md5") and
the new issued certs work with the GNU-TLS linked exim4. (The config
file for my own CA is quite old, so don't blame openssl for having the
"md5" as default there.)
Thanks for replying and for wasting your time.
(The GNU-TLS tool I was looking for is ``certtool'', as found in Debians
``gnutls-bin'' package, e.g.).
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann HS12-RIPE -----------------------------------------
gnupg encrypted messages are welcome - key ID: 48D0359B ---------------
gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2 7E92 EE4E AC98 48D0 359B -