I'm somewhat mystified what this function (and the surrounding constructs) is supposed to do. I'm calling gnutls_certificate_set_x509_trust_mem and gnutls_certificate_set_x509_key in the client, but in itself, that does not cause failures when connecting to a server which presents the wrong certificate, nor does it cause the client to send along a certificate (for that, I've found that I have to install a callback using gnutls_certificate_client_set_retrieve_function). For certificate verification to happen, it seems that I need to call gnutls_certificate_verify_peers2 (or implement some sort of verification manually).
Perhaps this could be clarified in the documentation? -- Florian Weimer <[email protected]> BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstraße 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99 _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
