[gnutls-help] x509 PKIs working with OpenSSL but not GnuTLS
Nikos Mavrogiannopoulos
nmav at gnutls.org
Thu Oct 9 14:56:11 CEST 2014
On Wed, Oct 8, 2014 at 11:13 AM, Louis Opter <kalessin at kalessin.fr> wrote:
> Hello,
>
> I'm trying to setup taskd [1], a server using GnuTLS on top of a custom
> task synchronization protocol, and my experience so far has been
> miserable.
[...]
> | taskd | s_client |
> ---------+--------+----------+
> taskd | KO-1 | OK |
> s_server | KO-1 | OK |
>
> pki-sans:
>
> | taskd | s_client |
> ---------+--------+----------+
> taskd | OK | OK |
> s_server | OK | OK |
>
> pki-openvpn:
>
> | taskd | s_client |
> ---------+--------+----------+
> taskd | KO-1 | OK-2 |
> s_server | KO-1 | OK |
>
> KO-1: the client says the certificate has an error.
> KO-2: client says ok but the server says there is an error in the
> certificate.
>
> What can explain such differences?
Unfortunately without mentioning the reason of failure or seeing the
certificate chains, no.
> Why some PKIs aren't working with
> GnuTLS but are working with openssl? Is there reference clients and
> servers for gnutls like s_client or s_server?
gnutls-cli and gnutls-serv.
regards,
Nikos
More information about the Gnutls-help
mailing list