On Fri, 2014-10-10 at 23:32 -0700, Louis Opter wrote: > On Thu, 9 Oct 2014 14:56:11 +0200 Nikos Mavrogiannopoulos > <[email protected]> wrote: > > Thanks for the answers. > > > Unfortunately without mentioning the reason of failure or seeing the > > certificate chains, no. > > Using gnutls-cli and gnutls-serv I have been able to isolate the issue a > little bit more: [...] > | t_client | s_client | g_client | > ---------+----------+----------+----------+ > t_client | KO-1 | KO-2 | KO-3 | > s_server | KO-1 | OK | KO-3 | > g_server | KO-1 | OK | KO-3 | > > KO-1: the client says the certificate has an error. > KO-2: client says ok but the server says there is an error in the > certificate. > KO-3: the client says: the name in the certificate doesn't match the > expected. > t_{client,server} are taskwarrior (gnu)tls test client and server. > g_{client,server} are gnutls-{cli,serv}.
To be honest I am confused on what are you describing here and what is the actual issue you are seeing. As far as I understand you have some certificate chain that gnutls-cli reports that the "the name in the certificate doesn't match". In that case you should check the CN of the certificate and the subject alternative name. regards, Nikos _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
