I'm trying to get a simple case of gnutls-serv and -cli communicating with an x509 cert, but it's failing.
Following the examples in the "invoking certtool" section of the manual, I created a private key and cert:

    $ certtool --generate-privkey --outfile priv
    $ head -1 priv
    -----BEGIN RSA PRIVATE KEY-----
    $ certtool --generate-self-signed --load-privkey priv --outfile cert
    [...many questions here, maybe I answered some wrong?...]
    $ head -1 cert
    -----BEGIN CERTIFICATE-----

Then I ran gnutls-serv with this and tried to connect with gnutls-cli-debug:

    $ gnutls-serv --x509keyfile priv --x509certfile cert
    Echo Server ready. Listening to port '5556'.

    [and in another window]
    $ gnutls-cli-debug -p 5556 localhost
    Resolving 'localhost'...
    Connecting to '127.0.0.1:5556'...
    Checking for TLS 1.1 support... no
    Checking fallback from TLS 1.1 to... failed
    Checking for TLS 1.0 support... no
    Checking for SSL 3.0 support... no
    Server does not support none of SSL 3.0, TLS 1.0 and TLS 1.1

The server says:

    Error in handshake
    Error: The request is invalid.

I found an old mailing list thread that suggested generating DH params could help:

    $ certtool --generate-dh-params > dh
    $ gnutls-serv --dhparams dh --x509keyfile priv --x509certfile cert

But it didn't. What am I doing wrong? I also tried the debug flags but they didn't print anything I understood.

In case it matters:

    $ dpkg -s gnutls-bin | grep Version
    Version: 1.6.3-1build1

(PS: I last mailed this list regarding an unrelated gnutls/Windows problem and Simon asked me to try something and report; since then I've lost my Windows machine and haven't yet been able to see if it worked.)

_______________________________________________
Help-gnutls mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/help-gnutls
