Help needed with x.509 certificate
nmav at gnutls.org
Fri Nov 18 18:44:25 CET 2011
On 11/18/2011 04:33 AM, Rebel Neurofog wrote:
> I'm implementing network security for my project.
> But now I'm stuck writing a sample with both client and server certificates.
> So here's what happens:
> 1. I've generated all the keys and certificates needed to run GnuTLS examples.
> 2. Server works fine and client gets it's echo message as in examples.
> 3. But even though I do 'gnutls_certificate_server_set_request
> (session, GNUTLS_CERT_REQUEST);'
> on server side and also do 'gnutls_certificate_set_x509_key_file
> (xcred, CERTFILE, KEYFILE, GNUTLS_X509_FMT_PEM));'
> on client side which returns no error, there's no certificate received
> by server.
> 4. And if I do 'gnutls_certificate_server_set_request (session,
> GNUTLS_CERT_REQUIRE);' instead of REQUEST,
> server of course declines handshake with "The peer did not send any
> certificate." message.
> I guess, I miss something...
As Mike mentioned, you must be missing something. What you need to do is
just use the client example from the documentation and add a call to
gnutls_certificate_set_x509_key_file(), or use the example "Using a
callback to select the certificate to use".
More information about the Gnutls-help