Simon Josefsson wrote: [...] > Many programs refuse to work if the server doesn't have a X.509 > certificate, so yes, I'm afraid you'll have to add that to your > server, or modify a lot of clients.
It's all working now, thanks. Although I will admit that setting all the code up was not pretty --- the documentation's very hazy on what the various functions return if something goes wrong (such as not being able to read the keyfiles), and I've found that in order to make it fall back on anonymous authentication if the keys don't work I have to call gnutls_kx_set_priority(), which surprises me as the documentation swears blind that it's ignored on servers. Incidentally, my various early blundering attempts managed to get a number of things wrong, which caused gnutls-cli to fall over good and hard. Is this important? -- ┌── dg@cowlark.com ─── http://www.cowlark.com ─────────────────── │ "I have always wished for my computer to be as easy to use as my │ telephone; my wish has come true because I can no longer figure out how to │ use my telephone." --- Bjarne Stroustrup
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
