On Thu 2015-05-21 03:03:29 -0400, Shruti Patil wrote: > This is shruti here, I am facing some issue in hand shaking betwen server > and client... I have generated cert.pem key.pem crl.pem using > certtool..
You haven't mentioned how you generated these files specifically. > I am trying with the following sample code : > > http://www.gnutls.org/manual/html_node/Simple-client-example-with-X_002e509-certificate-support.html#Simple-client-example-with-X_002e509-certificate-support > > http://www.gnutls.org/manual/html_node/Echo-server-with-X_002e509-authentication.html#Echo-server-with-X_002e509-authentication > > > when I execute the above server and client code it displays the following > message: > > "Handshake failed > GnuTLS error: Error in the certificate. > The certificate is NOT trusted. The certificate issuer is unknown. The name > in the certificate does not match the expected " It sounds to me like the client does not know about the server's certificate, and so it is rejecting the connection. If you make sure that the server's certificate was issued by a CA that the client knows about and trusts, that should be sufficient. what CAs does the client know about? --dkg _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
