[Help-gnutls] gnutls-serv command line problem

joseph.ng at symbian.com joseph.ng at symbian.com
Wed Feb 13 12:36:36 CET 2008


I am new to GnuTLS. On my PC I have installed Window GnuTLS 2.2.1. 

When I issue the following command: 

G:\my_server>gnutls-serv --http --x509fmtder --x509cafile IM-11-cert.der 
--x509certfile EU-0-cert.der --x509keyfile EU-0-key.txt -g --comp NULL 
--protocols TLS1.0 SSL3.0 -a --kx RSA 

I got: 

This method of specifying algorithms is deprecated. Please use the 
--priority option. 

Q1. I have tried a number of things but couldn't figure out what's wrong 
with the command line. Could you please tell me what is deprecated? 

Started up the server with the above command, I then try to start a client 

G:\my_client>gnutls-cli -p 5556 localhost --crlf 

and I got the following from the server: 

|<2>| ASSERT: ../../../src/gnutls-2.2.1/lib/gnutls_x509.c:1087 
|<3>| HSK[a32570]: Removing ciphersuite: RSA_ARCFOUR_SHA1 
|<3>| HSK[a32570]: Removing ciphersuite: RSA_ARCFOUR_MD5 
|<3>| HSK[a32570]: Removing ciphersuite: RSA_3DES_EDE_CBC_SHA1 
|<3>| HSK[a32570]: Removing ciphersuite: RSA_AES_128_CBC_SHA1 
|<3>| HSK[a32570]: Removing ciphersuite: RSA_AES_256_CBC_SHA1 
|<3>| HSK[a32570]: Removing ciphersuite: RSA_CAMELLIA_128_CBC_SHA1 
|<3>| HSK[a32570]: Removing ciphersuite: RSA_CAMELLIA_256_CBC_SHA1 
|<2>| ASSERT: ../../../src/gnutls-2.2.1/lib/gnutls_handshake.c:704 
|<2>| ASSERT: ../../../src/gnutls-2.2.1/lib/gnutls_handshake.c:462 
|<2>| ASSERT: ../../../src/gnutls-2.2.1/lib/gnutls_handshake.c:2014 
|<2>| ASSERT: ../../../src/gnutls-2.2.1/lib/gnutls_handshake.c:2542 
|<6>| BUF[HSK]: Cleared Data from buffer 
Error in handshake 
Error: Could not negotiate a supported cipher suite. 
|<4>| REC: Sending Alert[2|40] - Handshake failed 
|<4>| REC[a32570]: Sending Packet[0] Alert(21) with length: 2 

and the following from the client: 

*** Fatal error: A TLS fatal alert has been received. 
*** Received alert [40]: Handshake failed 
*** Handshake has failed 
GNUTLS ERROR: A TLS fatal alert has been received. 

Q2. I thought it would finished with TLS_RSA_AES_128_CBC_SHA1 (0x00, 
0x2f), but it didn't. Could you please tell me what's gone wrong with 

Thank you very much in anticipation. 

Joseph Ng

Discover tomorrow's technology on today's phones... Visit the
Symbian Stand, 8A77, Hall 8, at Mobile World Congress 2008, 11-14
February, Barcelona, Spain.
 Symbian Software Ltd is a company registered in England and Wales
with registered number 4190020 and registered office at 2-6
Boundary Row, Southwark, London,  SE1 8HP, UK. This message is
intended only for use by the named addressee and may contain
privileged and/or confidential information. If you are not the
named addressee you should not disseminate, copy or take any action
in reliance on it. If you have received this message in error
please notify postmaster at symbian.com and delete the message and any
attachments accompanying it immediately. Neither Symbian nor any of
its Affiliates accepts liability for any corruption, interception,
amendment, tampering or viruses occurring to this message in
transit or for any message sent by its employees which is not in
compliance with Symbian corporate policy.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20080213/099c38fb/attachment.htm>

More information about the Gnutls-help mailing list