[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Help-gnutls] gnutls_handshake fails with an alert
From: |
Nikos Mavrogiannopoulos |
Subject: |
Re: [Help-gnutls] gnutls_handshake fails with an alert |
Date: |
Mon, 22 Oct 2007 11:05:59 +0300 |
User-agent: |
KMail/1.9.6 (enterprise 0.20070907.709405) |
On Monday 22 October 2007, Sam Varshavchik wrote:
> No, I'm running a default Apache install with mod_ssl.
>
> I finally ended up looking at elinks's source to see how it sets up gnutls.
> It turned out that I needed to create a gnutls_certificate_credentials_t
> using gnutls_certificate_allocate_credentials(), and put it into the
> session using gnutls_credentials_set(). Once I did that, the example given
> in the info docs worked correctly, both with my stock Apache, and other
> external SSL servers.
> I am NOT using X.509 authentication, I'm running just a basic,
> plain-vanilla Apache+mod_ssl, using a self-signed test cert, without any
> X.509
> authentication set up.
The default apache with mod_ssl, as well as every other HTTPS server, do X.509
authentication. Elinks is not a good example to check. It doesn't check any
certificate eventhough it uses authenticated ciphersuites.
Check the examples in the gnutls documentation.
regards,
Nikos