On 03/02/2012 02:56 AM, Peter Penzov wrote: > I'm trying to run the example ex-serv-psk.c from gnutls 3.0.14. > > I generated self signed certificate using these commands: > > certtool --generate-privkey --outfile key.pem > certtool --generate-self-signed --load-privkey key.pem --outfile cert.pem > > I compiled the examples ex-serv-psk.c and ex-client-psk.c. When I try to > run them I get this error: > > [root@localhost test]# ./server > Server ready. Listening to port '5556'. > > - connection from 127.0.0.1, port 38184 > *** Handshake has failed (The TLS connection was non-properly terminated.)
You can connect to the example server using gnutls-cli. The example client requires to add "+PSK" to the priority string. I've corrected it on the documentation. > Is it do I need something else to run these examples? > I modified some o > #define KEYFILE "key.pem" > #define CERTFILE "cert.pem" > #define CAFILE "/etc/ssl/certs/ca-certificates.crt" > #define CRLFILE "crl.pem" > How I must create CAFILE and CRLFILE? I created self-signed certificate. Do > I need these files in this case? CAFILE and CRLFILE are not currently used in the currently supported PSK ciphersuites so you could ignore them. I didn't remove them because it is planned for the RSA-PSK ciphersuite to be added which will use them. regards, Nikos _______________________________________________ Help-gnutls mailing list [email protected] https://lists.gnu.org/mailman/listinfo/help-gnutls
