[Help-gnutls] gnutls-serv command line problem
joseph.ng at symbian.com
joseph.ng at symbian.com
Wed Feb 13 12:36:36 CET 2008
Hi
I am new to GnuTLS. On my PC I have installed Window GnuTLS 2.2.1.
When I issue the following command:
G:\my_server>gnutls-serv --http --x509fmtder --x509cafile IM-11-cert.der
--x509certfile EU-0-cert.der --x509keyfile EU-0-key.txt -g --comp NULL
--protocols TLS1.0 SSL3.0 -a --kx RSA
I got:
This method of specifying algorithms is deprecated. Please use the
--priority option.
Q1. I have tried a number of things but couldn't figure out what's wrong
with the command line. Could you please tell me what is deprecated?
Started up the server with the above command, I then try to start a client
with:
G:\my_client>gnutls-cli -p 5556 localhost --crlf
and I got the following from the server:
.....
|<2>| ASSERT: ../../../src/gnutls-2.2.1/lib/gnutls_x509.c:1087
|<3>| HSK[a32570]: Removing ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[a32570]: Removing ciphersuite: RSA_ARCFOUR_MD5
|<3>| HSK[a32570]: Removing ciphersuite: RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[a32570]: Removing ciphersuite: RSA_AES_128_CBC_SHA1
|<3>| HSK[a32570]: Removing ciphersuite: RSA_AES_256_CBC_SHA1
|<3>| HSK[a32570]: Removing ciphersuite: RSA_CAMELLIA_128_CBC_SHA1
|<3>| HSK[a32570]: Removing ciphersuite: RSA_CAMELLIA_256_CBC_SHA1
|<2>| ASSERT: ../../../src/gnutls-2.2.1/lib/gnutls_handshake.c:704
|<2>| ASSERT: ../../../src/gnutls-2.2.1/lib/gnutls_handshake.c:462
|<2>| ASSERT: ../../../src/gnutls-2.2.1/lib/gnutls_handshake.c:2014
|<2>| ASSERT: ../../../src/gnutls-2.2.1/lib/gnutls_handshake.c:2542
|<6>| BUF[HSK]: Cleared Data from buffer
Error in handshake
Error: Could not negotiate a supported cipher suite.
|<4>| REC: Sending Alert[2|40] - Handshake failed
|<4>| REC[a32570]: Sending Packet[0] Alert(21) with length: 2
....
and the following from the client:
...
*** Fatal error: A TLS fatal alert has been received.
*** Received alert [40]: Handshake failed
*** Handshake has failed
GNUTLS ERROR: A TLS fatal alert has been received.
...
Q2. I thought it would finished with TLS_RSA_AES_128_CBC_SHA1 (0x00,
0x2f), but it didn't. Could you please tell me what's gone wrong with
that?
Thank you very much in anticipation.
Regards,
---------------
Joseph Ng
Discover tomorrow's technology on today's phones... Visit the
Symbian Stand, 8A77, Hall 8, at Mobile World Congress 2008, 11-14
February, Barcelona, Spain.
**********************************************************************
Symbian Software Ltd is a company registered in England and Wales
with registered number 4190020 and registered office at 2-6
Boundary Row, Southwark, London, SE1 8HP, UK. This message is
intended only for use by the named addressee and may contain
privileged and/or confidential information. If you are not the
named addressee you should not disseminate, copy or take any action
in reliance on it. If you have received this message in error
please notify postmaster at symbian.com and delete the message and any
attachments accompanying it immediately. Neither Symbian nor any of
its Affiliates accepts liability for any corruption, interception,
amendment, tampering or viruses occurring to this message in
transit or for any message sent by its employees which is not in
compliance with Symbian corporate policy.
**********************************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20080213/099c38fb/attachment.htm>
More information about the Gnutls-help
mailing list