Simon Josefsson wrote: [...] > That error happens if the server doesn't offer a ciphersuite that the > client can accept. Often this is caused by missing X.509 CA and/or > server certificate. Check with 'gnutls-cli' what key exchange is > negotiated. If it is ANON, most clients will refuse to talk to you. > > Btw, example 7.4.5 is for anonymous authentication, try 7.4.1 instead. > It is easy to change things, just add a X.509 credential and assign it > to the session.
Thanks. I was rather hoping to do without --- having to create a self-signed certificate adds quite a lot of complexity to my install procedure --- but if I have to... Incidentally, creating a private key with certtool takes several minutes. Doing the same with openssl req appears to be more or less instant. Is this normal? -- ┌── dg@cowlark.com ─── http://www.cowlark.com ─────────────────── │ "I have always wished for my computer to be as easy to use as my │ telephone; my wish has come true because I can no longer figure out how to │ use my telephone." --- Bjarne Stroustrup
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
