nOOb Error : No certificates found!
lfinsto at gwdg.de
lfinsto at gwdg.de
Wed Apr 14 12:17:26 CEST 2010
Is your private key encrypted? This may be the problem. At any rate, it
was a problem I ran into when I was trying to get my server-client pair
working. I don't recall all of the details I learned at the time, so I
apologize if this suggestion is wrong or of no use.
However, if this is the problem, you'll have to generate an unencrypted
key. This is how I generated an unencrypted key from a p12 file using
openssl. I'd have to look up whether it's possible to do it with a
command from the GNUTLS package and if so, how:
openssl pkcs12 -nodes -nocerts -in usercred.p12 -out userkey.pem
I would expect that it would be possible to generate an unencrypted key
from an encrypted one.
On Wed, April 14, 2010 11:51 am, gonzagueddr wrote:
> I've tried "gnutls-cli -d 1 -p 22222 --x509certfile /path/servercert.pem
--x509cafile /path/cacert.pem --x509keyfile /path/serverkey.pem
> and the client returns :
> *** Fatal error: Key usage violation in certificate has been detected.
*** Handshake has failed
> GNUTLS ERROR: Key usage violation in certificate has been detected.
> I've also tried with clientcert.pem and clientkey.pem, acording to an
example i found on the web ( http://libvirt.org/remote.html ), because i
understood that the cert and key can/must be different on the server and
client, but i get the same error.
> Nikos Mavrogiannopoulos a écrit :
>> On Tue, Apr 13, 2010 at 7:18 PM, gonzagueddr <gonzagueddr at yahoo.fr> wrote:
>>> "gnutls-cli -d 1 -p
>>> 22222 --x509certfile /path/servercert.pem --x509cafile
>> The issue is here. You must also specify the --x509keyfile parameter.
>> x509certfile parameter is being ignored.
> Help-gnutls mailing list
> Help-gnutls at gnu.org
Gesellschaft fuer wissenschaftliche Datenverarbeitung mbH
Am Fassberg 11
Telefon: +49 551 201-1882
E-Mail: lfinsto at gwdg.de
More information about the Gnutls-help