[Help-gnutls] Re: Key usage violation in certificate

Roland Winkler Roland.Winkler at physik.uni-erlangen.de
Sun May 31 17:14:42 CEST 2009


> Try to connect using this priority string:
>  gnutls-cli --priority "normal:-dhe-rsa"

Hi Nikos,

Great, thanks a lot, now gnutls-cli works perfect (for emacs, I do
not need quotes for the second arg).

> By misconfiguration however the server allows you to connect with
> a ciphersuite that violates this usage and that's why gnutls-cli
> fails to connect.

Is this a misconfiguration of the server that its sysadmins can fix?

Is it a part of the communication protocol between server and client
that the server should tell the client the allowed usage of its
certificate? I mean, the server knows the allowed usage of its
certificate. So I would guess that in an ideal world (that we don't
have...) no extra configuration of the server was necessary.

Thanks,

Roland





More information about the Gnutls-help mailing list