On Thu 2008-10-30 18:40:26 -0400, Kevin P. Fleming wrote: > I've rebuilt the server's cert with the X509v3 Key Usage set to 'Digital > Signature' and 'Key Encipherment', but that has not solved the problem. > > Can someone please connect to https://origsvn.digium.com and tell me why > GNUTLS won't accept the server's cert? Thanks.
I can't seem to connect to your server with either openssl or gnutls, actually. Can you? [0 [EMAIL PROTECTED] ~]$ openssl s_client -showcerts -verify 5 -connect origsvn.digium.com:443 verify depth is 5 CONNECTED(00000003) depth=1 /C=US/ST=Alabama/L=Huntsville/O=Digium, Inc./OU=Asterisk Development Team/CN=Digium SVN CA/[EMAIL PROTECTED] verify error:num=19:self signed certificate in certificate chain verify return:1 depth=1 /C=US/ST=Alabama/L=Huntsville/O=Digium, Inc./OU=Asterisk Development Team/CN=Digium SVN CA/[EMAIL PROTECTED] verify return:1 depth=0 /C=US/ST=Alabama/L=Huntsville/O=Digium/OU=Asterisk Development Team/CN=origsvn.digium.com/[EMAIL PROTECTED] verify return:1 28424:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1053:SSL alert number 40 28424:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188: [0 [EMAIL PROTECTED] ~]$ gnutls-cli --verbose origsvn.digium.com --port 443 Resolving 'origsvn.digium.com'... Connecting to '216.207.245.42:443'... - Server's trusted authorities: [0]: C=US,ST=Alabama,L=Huntsville,O=Digium\, Inc.,OU=Asterisk Development Team,CN=Digium SVN CA,[EMAIL PROTECTED] - Successfully sent 0 certificate(s) to server. *** Fatal error: A TLS fatal alert has been received. *** Received alert [40]: Handshake failed *** Handshake has failed GNUTLS ERROR: A TLS fatal alert has been received. [1 [EMAIL PROTECTED] ~]$ I can apparently connect to it with LibNSS-based clients (ssltap and iceweasel), but that's it. :( --dkg
pgpxdDbnmJTRF.pgp
Description: PGP signature
_______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
