Hi Daniel, I have installed gnutls-3.3.13 version and using in both server and client side program. Now I wanted to check which API needs to be call to complete the handshake for TLS connection.So I am using two sample program given by gnutls library to verify the handshake procedure .i.e
1. Server sample code: http://gnutls.org/manual/html_node/Echo-server-with-X_002e509-authentication.html#Echo-server-with-X_002e509-authentication 2. Client sample code: http://www.gnutls.org/manual/html_node/Simple-client-example-with-X_002e509-certificate-support.html#Simple-client-example-with-X_002e509-certificate-support Thanks Daniel for your great support. On Sun, Mar 8, 2015 at 12:38 AM, Daniel Kahn Gillmor <[email protected]> wrote: > On Wed 2015-03-04 02:58:26 -0800, Priyaranjan Nayak wrote: > > > I am using gnutls-3.3.13 version for tls communication. I have created > > three files by using below commands > > 1. certtool --generate-privkey --outfile key.pem > > 2. certtool --generate-self-signed --load-privkey key.pem --outfile > cert.pem > > 3. certtool --generate-crl --load-ca-privkey key.pem > --load-ca-certificate cert.pem --outfile crl.pem > > The above commands have to do with key generation. Without more > information about the choices made during step 2, it's hard to tell if > it even makes sense to generate a CRL, though. CRLs are only sensible > if the certificate is intended to certify other certificates. Is that > the case? > > > Now handshake is failing with "*** Handshake has failed (The request is > > invalid.)" message . Please suggest me how to do handshake properly and > if > > anything wrong in the .pem file generation . > > There isn't enough information here to help you, i think. how are you > trying to connect? are you using GnuTLS for both sides of the > connection (client and server)? if not, what is providing TLS support > on the side that gnutls isn't handling? The more specific you can be > about how GnuTLS is being used, the better we'll be able to help you > figure out what's going wrong. It seems unlikely to be related just to > the certtool steps you laid out above. > > --dkg > -- Thanks Priyaranjan
_______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
