[gnutls-help] Handshake failing by using gnutls library
Priyaranjan Nayak
priyaranjan4169 at gmail.com
Mon Mar 9 05:49:01 CET 2015
Hi Daniel,
I have installed gnutls-3.3.13 version and using in both server and client
side program. Now I wanted to check which API needs to be call to complete
the handshake for TLS connection.So I am using two sample program given by
gnutls library to verify the handshake procedure .i.e
1. Server sample code:
http://gnutls.org/manual/html_node/Echo-server-with-X_002e509-authentication.html#Echo-server-with-X_002e509-authentication
2. Client sample code:
http://www.gnutls.org/manual/html_node/Simple-client-example-with-X_002e509-certificate-support.html#Simple-client-example-with-X_002e509-certificate-support
Thanks Daniel for your great support.
On Sun, Mar 8, 2015 at 12:38 AM, Daniel Kahn Gillmor <dkg at fifthhorseman.net>
wrote:
> On Wed 2015-03-04 02:58:26 -0800, Priyaranjan Nayak wrote:
>
> > I am using gnutls-3.3.13 version for tls communication. I have created
> > three files by using below commands
> > 1. certtool --generate-privkey --outfile key.pem
> > 2. certtool --generate-self-signed --load-privkey key.pem --outfile
> cert.pem
> > 3. certtool --generate-crl --load-ca-privkey key.pem
> --load-ca-certificate cert.pem --outfile crl.pem
>
> The above commands have to do with key generation. Without more
> information about the choices made during step 2, it's hard to tell if
> it even makes sense to generate a CRL, though. CRLs are only sensible
> if the certificate is intended to certify other certificates. Is that
> the case?
>
> > Now handshake is failing with "*** Handshake has failed (The request is
> > invalid.)" message . Please suggest me how to do handshake properly and
> if
> > anything wrong in the .pem file generation .
>
> There isn't enough information here to help you, i think. how are you
> trying to connect? are you using GnuTLS for both sides of the
> connection (client and server)? if not, what is providing TLS support
> on the side that gnutls isn't handling? The more specific you can be
> about how GnuTLS is being used, the better we'll be able to help you
> figure out what's going wrong. It seems unlikely to be related just to
> the certtool steps you laid out above.
>
> --dkg
>
--
Thanks
Priyaranjan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20150309/dba5fc72/attachment.html>
More information about the Gnutls-help
mailing list