[Help-gnutls] gnutls_handshake fails with an alert
Nikos Mavrogiannopoulos
nmav at gnutls.org
Mon Oct 22 10:05:59 CEST 2007
On Monday 22 October 2007, Sam Varshavchik wrote:
> No, I'm running a default Apache install with mod_ssl.
>
> I finally ended up looking at elinks's source to see how it sets up gnutls.
> It turned out that I needed to create a gnutls_certificate_credentials_t
> using gnutls_certificate_allocate_credentials(), and put it into the
> session using gnutls_credentials_set(). Once I did that, the example given
> in the info docs worked correctly, both with my stock Apache, and other
> external SSL servers.
> I am NOT using X.509 authentication, I'm running just a basic,
> plain-vanilla Apache+mod_ssl, using a self-signed test cert, without any
> X.509
> authentication set up.
The default apache with mod_ssl, as well as every other HTTPS server, do X.509
authentication. Elinks is not a good example to check. It doesn't check any
certificate eventhough it uses authenticated ciphersuites.
Check the examples in the gnutls documentation.
regards,
Nikos
More information about the Gnutls-help
mailing list