Re: [Haskell-cafe] Taking the TLS package for a spin ... and failing

2010-12-14 Thread Mads Lindstrøm
Hi Vincent, I got it to work :) But there seems to be some bugs in the Haskell server certificate handling. It seems that TLS do not transfer the ST (state, as in California) parameter in the X509 subject field. It also seems that the Haskell server do not send the email-address. The reason for

Re: [Haskell-cafe] Taking the TLS package for a spin ... and failing

2010-12-14 Thread Florian Weimer
* Mads Lindstrøm: I got it to work :) But there seems to be some bugs in the Haskell server certificate handling. It seems that TLS do not transfer the ST (state, as in California) parameter in the X509 subject field. It also seems that the Haskell server do not send the email-address. And

Re: [Haskell-cafe] Taking the TLS package for a spin ... and failing

2010-12-14 Thread Vincent Hanquez
On Tue, Dec 14, 2010 at 11:41:29AM +0100, Mads Lindstrøm wrote: Hi Vincent, I got it to work :) But there seems to be some bugs in the Haskell server certificate handling. It seems that TLS do not transfer the ST (state, as in California) parameter in the X509 subject field. It also seems

Re: [Haskell-cafe] Taking the TLS package for a spin ... and failing

2010-12-14 Thread Vincent Hanquez
On Tue, Dec 14, 2010 at 10:24:29PM +0100, Florian Weimer wrote: * Mads Lindstrøm: I got it to work :) But there seems to be some bugs in the Haskell server certificate handling. It seems that TLS do not transfer the ST (state, as in California) parameter in the X509 subject field. It also

Re: [Haskell-cafe] Taking the TLS package for a spin ... and failing

2010-12-13 Thread Vincent Hanquez
On Sun, Dec 12, 2010 at 08:13:59PM +0100, Mads Lindstrøm wrote: Hi Haskellers, I am trying to connect a Java client to a Haskell server using the Haskell tls package, and things are not working out for me. There is a lot of steps involved and I do not know what I am doing wrong, so this

Re: [Haskell-cafe] Taking the TLS package for a spin ... and failing

2010-12-13 Thread Mads Lindstrøm
Hi Vincent, On Mon, 2010-12-13 at 08:51 +, Vincent Hanquez wrote: that doesn't buy much since nobody should connect to a pure SSLv2 server. For the openssl cmdline, you can add a simple -ssl3 flag or -tls1 flag to start negociating at the right version straight away. Yes, that worked

[Haskell-cafe] Taking the TLS package for a spin ... and failing

2010-12-12 Thread Mads Lindstrøm
Hi Haskellers, I am trying to connect a Java client to a Haskell server using the Haskell tls package, and things are not working out for me. There is a lot of steps involved and I do not know what I am doing wrong, so this is a long message. But first I create a private/public key-pair:

Re: [Haskell-cafe] Taking the TLS package for a spin ... and failing

2010-12-12 Thread Mads Lindstrøm
Hi again, I found a simpler way to test the server connection, but it is still not working. Namely, penssl s_client -connect 192.168.1.6:8000 CONNECTED(0003) 18683:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188: Regards, Mads Lindstrøm On Sun,