[gnutls-help] SRP without certificates

Matthew Lai m at matthewlai.ca
Sun Apr 27 21:25:33 CEST 2014

Hi Nikos,

Thanks so much for your help!

The priority string is it. I was just using "NORMAL". Using 
"NORMAL:+SRP" now and handshake succeeds!


On 4/27/2014 10:25 AM, Nikos Mavrogiannopoulos wrote:
> On Sun, 2014-04-27 at 01:49 -0700, Matthew Lai wrote:
>> Hello!
>> I have a question if you don't mind -
>> I am trying to use pure SRP for authentication, but for some reason, I
>> am getting "Insufficient credentials for that request" on the client
>> when I try to start the handshake.
>> On the server side, I am using
>> gnutls_srp_set_server_credentials_file() and
>> gnutls_credentials_set(session, GNUTLS_CRD_SRP, m_serverCred). Both
>> returned GNUTLS_E_SUCCESS.
>> On the server side, I am using gnutls_srp_set_client_credentials() and
>> gnutls_credentials_set(m_clientSessionTcp, GNUTLS_CRD_SRP,
>> m_clientCred). Both returned GNUTLS_E_SUCCESS.
>> Can you tell what I am doing wrong?
> There could be many things wrong. The best is to try first with
> gnutls-cli and gnutls-serv instead of trying to make both client and
> server at the same time. Note that you need to explicitly enable the SRP
> key exchange method with a priority string.
> regards,
> Nikos

More information about the Gnutls-help mailing list