On Fri, 18 Nov 2011 06:33:32 +0300 Rebel Neurofog <[email protected]> wrote:
> Hi! > > I'm implementing network security for my project. > But now I'm stuck writing a sample with both client and server certificates. > So here's what happens: > > 1. I've generated all the keys and certificates needed to run GnuTLS examples. > 2. Server works fine and client gets it's echo message as in examples. > 3. But even though I do 'gnutls_certificate_server_set_request > (session, GNUTLS_CERT_REQUEST);' > on server side and also do 'gnutls_certificate_set_x509_key_file > (xcred, CERTFILE, KEYFILE, GNUTLS_X509_FMT_PEM));' > on client side which returns no error, there's no certificate received > by server. > 4. And if I do 'gnutls_certificate_server_set_request (session, > GNUTLS_CERT_REQUIRE);' instead of REQUEST, > server of course declines handshake with "The peer did not send any > certificate." message. > > I guess, I miss something... > Could you please help me with my confusion? > GnuTLS version I'm using is 3.0.8 > Here are all the files packed if it is helpful: > ftp://neurofog.nomrhis.net/GNUTLS-CERT.tar.gz > > Best regards, > Neurofog > > _______________________________________________ > Help-gnutls mailing list > [email protected] > https://lists.gnu.org/mailman/listinfo/help-gnutls This may seem like a dumb question, but are you calling gnutls_certificate_allocate_credentials() properly? Not sure it will help, but here is a functioning async certificate (client+server) implementation that I wrote some time ago that may provide some clues: https://svn.enlightenment.org/svn/e/trunk/ecore/src/lib/ecore_con/ecore_con_ssl.c -- Mike Blumenkrantz Zentific: Doctor recommended, mother approved. _______________________________________________ Help-gnutls mailing list [email protected] https://lists.gnu.org/mailman/listinfo/help-gnutls
