I figured it out, I thought the certificate was supposed to be in a PEM format, however I found a set of specs somewhere that elaborated a bit and said it's PKCS#7, and converted it to PKCS#7. Interestingly enough, that didn't work, and I tried PEM format again, and it worked. I'll chalk it up to some bizarre issue.
Anyway, would the GNUTLS project be interested in a Java port? I made a limited one for my NIO system in my web server. I'd be willing to port the full library over if there is interest. (My motives were that there's no good NIO & TLS & SNI system combined for Java). On Wed, Aug 12, 2015 at 12:32 AM, Nikos Mavrogiannopoulos <[email protected]> wrote: > On Wed, Aug 12, 2015 at 7:35 AM, Max Bruce <[email protected]> wrote: > > Calling code: > > int e1 = gnutls_certificate_set_x509_key_file(oc->cert, certj, keyj, > > GNUTLS_X509_FMT_PEM); > > All looks good from my side, and both certj/keyj are absolute paths to a > > certificate & private key in PEM format. It returns -302, which > translates > > to GNUTLS_E_PARSING_ERROR, of which is under the category of errors > "PKCS11 > > related" > > I'll attach a copy of the public key to this, and I can send the private > key > > to anyone that asks to see it(it's PEM directly from StartCom). > > Hello, > Don't send your private key to anybody unless it is a test key. Just > copy/paste the header (the BEGIN --- part), and whether certtool -k > succeeds in parsing it. > > regards, > Nikos > -- Thanks, Max Bruce www.avuna.org
_______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
