[Help-gnutls] Key usage violation in certificate

Nikos Mavrogiannopoulos nmav at gnutls.org
Mon Nov 3 21:03:01 CET 2008

Kevin P. Fleming wrote:
> Nikos Mavrogiannopoulos wrote:
>> I don't think this can be the case, but cannot be sure. Does libneon
>> can be run with gnutls debugging on?
> Thanks very much for your help!
> I've built Subversion 1.5.4 with libneon 0.28.2 (both from source, but
> gnutls using the Ubuntu packages) configured to force the gnutls global
> debug level to 4711, and here's the output from a failed connection attempt:

It seems gnutls fails because the (client) certificate it uses for
authentication it doesn't support signing (and TLS client certificates
must support it).

Check (with certtool -i) if the client certificate contains the
following lines:

	Key Usage (critical):
		Digital signature.

(the one I used for testing contained them).


More information about the Gnutls-help mailing list