[Help-gnutls] Re: SMTP TLS & Thunderbird

David Given dg at cowlark.com
Thu Feb 8 02:12:39 CET 2007


Simon Josefsson wrote:
[...]
> That error happens if the server doesn't offer a ciphersuite that the
> client can accept.  Often this is caused by missing X.509 CA and/or
> server certificate.  Check with 'gnutls-cli' what key exchange is
> negotiated.  If it is ANON, most clients will refuse to talk to you.
> 
> Btw, example 7.4.5 is for anonymous authentication, try 7.4.1 instead.
> It is easy to change things, just add a X.509 credential and assign it
> to the session.

Thanks. I was rather hoping to do without --- having to create a self-signed
certificate adds quite a lot of complexity to my install procedure --- but if
I have to...

Incidentally, creating a private key with certtool takes several minutes.
Doing the same with openssl req appears to be more or less instant. Is this
normal?

-- 
┌── dg@cowlark.com ─── http://www.cowlark.com ───────────────────
│ "I have always wished for my computer to be as easy to use as my
│ telephone; my wish has come true because I can no longer figure out how to
│ use my telephone." --- Bjarne Stroustrup

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20070208/41c7048d/attachment.pgp>


More information about the Gnutls-help mailing list