Verifying server certificate failed?!

Richard Moore rich at kde.org
Thu Mar 15 13:53:39 CET 2012


Your chain file includes the root certificate as well as the
intermediate certificate. You should not be transmitting that one
(though I think GnuTLS should ignore it and would regard it as a bug
if it doesn't).

Cheers

Rich.

On 15 March 2012 11:57, Sven Geggus <lists at fuchsschwanzdomain.de> wrote:
> Hello,
>
> calling https://iad.iosb.fraunhofer.de/~geg/ using a Webbrowser gives me a
> valid TLS connection.
>
> So does "gnutls-cli iad.iosb.fraunhofer.de -p 443"
>
> But calling the following dows not work:
> gnutls-cli iad.iosb.fraunhofer.de -p 443 --x509cafile /etc/ssl/certs/ca-certificates.crt
> Processed 142 CA certificate(s).
> Resolving 'iad.iosb.fraunhofer.de'...
> Connecting to '153.96.8.17:443'...
> *** Verifying server certificate failed...
> *** Fatal error: Error in the certificate.
> *** Handshake has failed
> GnuTLS error: Error in the certificate.
>
> Is this a Bug in gnutls or a missconfiguration of my Apache Server?
>
> Sven
>
> --
> The source code is not comprehensible
>                 (found in bug section of man 8 telnetd on Redhat Linux)
>
> /me is giggls at ircnet, http://sven.gegg.us/ on the Web
>
> _______________________________________________
> Help-gnutls mailing list
> Help-gnutls at gnu.org
> https://lists.gnu.org/mailman/listinfo/help-gnutls




More information about the Gnutls-help mailing list