On Sun, Nov 5, 2017 at 9:21 PM, Jeremy Harris <[email protected]> wrote: > GnuTLS 3.5.8 > > Server, having loaded two cert (one RSA, then one ECDSA) using > gnutls_certificate_set_x509_key_file(). > > With a client hello having only one sig-hash algorithm, > "0401 rsa-sha256" the handshake fails. The server debug log > has > > "(gnutls_handshake): An unknown public key algorithm was encountered." > > > > If I only load the RSA cert, it's fine. > > What should I be doing different?
Could you provide a reproducer? If you check the tests/ subdirectory there is set_x509_key_file_ocsp_multi2.c which pretty much does what you are describing. regards, Nikos _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
