Hi, I'm hoping to get some help on testing and getting TLS communication working. Using Certtool I've made a CA, client certificate and server certificate. Each has a certificate/private key pair and I think they are correct. The CA is self-signed and the client and server are signed by the CA.
I've made some simple client and server programs to test communication based on the documentation and examples on gnutls.org. The client and the server both load their respective certs/privkey and the CA cert without issue and attempt to handshake the communication. When that happens the server immediately fails with GNUTLS_E_UNKNOWN_CIPHER_SUITE "Could not negotiate a supported cipher suite" and the client fails with "Error in the pull function." I've kicked up the debug level in gnutls and I saw an error on both client and server that looks potentially bad (|<9>| ENC[006DABD8]: cipher: NULL, MAC: MAC-NULL, Epoch: 0) but most of the other reported lines don't seem critical (to me at least). In both client and server the programs use gnutls_priority_set_direct with a string "NORMAL:+KX-ALL" and the function succeeds. I've tried re-making the certificates numerous times thinking that I have mis-created these somehow but I am not sure what. Any advice for what I can check would be greatly appreciated!
