On Tue, Dec 17, 2013 at 8:01 PM, Lavrentiev, Anton (NIH/NLM/NCBI) [C] <[email protected]> wrote: > Hi All, > I'm new here in this list, and I have a question about GNUTLS > that I do not understand. > Per the documentation example, I'm creating a client session like this: > gnutls_credentials_set(session, GNUTLS_CRD_ANON, acred); > But I get the following error (wherever I tried to connect to, whether > real HTTP servers or gnutls-serv starter locally), from gnutls_handshake(): > error=-12,A TLS fatal alert has been received
Hello, A gnutls server doesn't support anonymous authentication by default. You need to enable it using the priority string. For example you need to something like "NORMAL:+ANON-DH:+ANON-ECDH" to both client and server. In general there is no reason to use anonymous authentication. If you don't have a trusted CA you can use, it is better to use certificates and trust on first use [0]. [0]. http://www.gnutls.org/manual/gnutls.html#Verifying-a-certificate-using-trust-on-first-use-authentication regards, Nikos _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
