[Help-gnutls] gnutls_handshake fails with an alert

Sam Varshavchik mrsam at courier-mta.com
Sat Oct 20 22:25:45 CEST 2007


I've taken the "Simple client example" from the 1.6.3 pages, and supplied a 
tcp_connect() that connects to ssl-enabled apache on localhost. Running the 
code results in:

*** Handshake failed
GNUTLS ERROR: A TLS fatal alert has been received.

My apache SSL config works fine (with a self-signed cert). Just to 
eliminate the self-signed cert being a factor, I also tried and got the same 
results with mail.google.com on port 443 (gmail over https).

I can see from strace that the alert seems to be genuine. After a:

connect(4, {sa_family=AF_INET, sin_port=htons(443), 
sin_addr=inet_addr("127.0.0.1")}, 16) = 0

… it looks like I'm sending a record, and receiving a small alert in 
response:

sendto(4, "\26\3\1\0001\1\0\0-\3\1G\32c918\23Ul\t\366c\22l76\254\335\4\254\273"…, 54, 
0, NULL, 0) = 54
recvfrom(4, "\25\3\1\0\2", 5, 0, NULL, NULL) = 5
recvfrom(4, "\2(", 2, 0, NULL, NULL)    = 2
write(2, "*** Handshake failed\n", 21*** Handshake failed

But I'm only using the simple client example, from the info pages, as is, so 
what's going wrong here?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: </pipermail/attachments/20071020/e9f90202/attachment.pgp>


More information about the Gnutls-help mailing list