[gnutls-help] Handshake failing by using gnutls library

Priyaranjan Nayak priyaranjan4169 at gmail.com
Mon Mar 9 05:49:01 CET 2015 

Hi Daniel,

I have installed gnutls-3.3.13 version and using in both server and client
side program. Now I wanted to check which API needs to be call to complete
the handshake for TLS connection.So I am using two sample program given by
gnutls library to verify the handshake procedure  .i.e

   1. Server sample code:
   http://gnutls.org/manual/html_node/Echo-server-with-X_002e509-authentication.html#Echo-server-with-X_002e509-authentication
   2. Client sample code:
   http://www.gnutls.org/manual/html_node/Simple-client-example-with-X_002e509-certificate-support.html#Simple-client-example-with-X_002e509-certificate-support

Thanks Daniel for your great support.

On Sun, Mar 8, 2015 at 12:38 AM, Daniel Kahn Gillmor <dkg at fifthhorseman.net>
wrote:

> On Wed 2015-03-04 02:58:26 -0800, Priyaranjan Nayak wrote:
>
> > I am using gnutls-3.3.13 version for tls communication. I have created
> > three files by using below commands
> > 1. certtool --generate-privkey --outfile key.pem
> > 2. certtool --generate-self-signed --load-privkey key.pem --outfile
> cert.pem
> > 3. certtool --generate-crl --load-ca-privkey key.pem
> --load-ca-certificate cert.pem --outfile crl.pem
>
> The above commands have to do with key generation.  Without more
> information about the choices made during step 2, it's hard to tell if
> it even makes sense to generate a CRL, though.  CRLs are only sensible
> if the certificate is intended to certify other certificates.  Is that
> the case?
>
> > Now handshake is failing with "*** Handshake has failed (The request is
> > invalid.)" message . Please suggest me how to do handshake properly and
> if
> > anything wrong in the .pem file generation .
>
> There isn't enough information here to help you, i think.  how are you
> trying to connect?  are you using GnuTLS for both sides of the
> connection (client and server)?  if not, what is providing TLS support
> on the side that gnutls isn't handling?  The more specific you can be
> about how GnuTLS is being used, the better we'll be able to help you
> figure out what's going wrong.  It seems unlikely to be related just to
> the certtool steps you laid out above.
>
>     --dkg
>



-- 
Thanks
Priyaranjan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20150309/dba5fc72/attachment.html>

More information about the Gnutls-help mailing list