Hi, Simon Josefsson <[EMAIL PROTECTED]> writes:
> Oh. I see, bad theory then. Hm. Have you loaded the proper CA cert in > the server? The server sends over some information about the known CA > certs, and if that doesn't match the user's certificate, the client > won't send its user certificate. Actually, you were right: my power cable was not quite plugged in. ;-) Adding a `set_x509_trust_file ()' call on the server side fixed the problem. I was not expecting such behavior, though. Roughly, I had copied my OpenPGP example (where `GNUTLS_CERT_REQUIRE' worked fine) and replaced "openpgp" with "x509". The fact that we need to specify a trust file in X.509 and not in the OpenPGP case for `GNUTLS_CERT_REQUIRE' to work creates a slight asymmetry. Thanks! Ludovic. _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
