On 08/09/2012 09:24 PM, Kristian Fiskerstrand wrote: > On 08/08/2012 03:10 PM, Nikos Mavrogiannopoulos wrote: >> On Wed, Aug 8, 2012 at 2:24 AM, Kristian Fiskerstrand >> <[email protected]> wrote: >>> Hi, >>> I'm trying to set up mod_gnutls on apache to use OpenPGP key for a TLS >>> session but I'm having some trouble getting gnutls set up correctly for >>> a handshake. If I'm not too mistaken alert(21) indicate a decryption >>> error - any hints for how I should debug this? >>> What I have so far is - using gnutls-serv and gnutls-cli - the following; >> [...] >>> --priority NORMAL:+ANON-DH \ >> >> Shouldn't you enable openpgp support as well? You can do that by adding >> +CTYPE-OPENPGP. > Thank you for the response and sorry for my late reply, got a bit > pre-occupied for a while there. > I adjusted the command to > gnutls-serv \ > -p 18000 \ > -g \ > --http \ > --priority NORMAL:+CTYPE-OPENPGP:+ANON-DH \ > --pgpcertfile /etc/apache2/conf/sks-keyservers.net.pub.asc \ > --pgpkeyfile /etc/apache2/conf/ss/sks-keyservers.net.sec.asc \ > --pgpsubkey 19EA3DAE12200409 > but I still get the same error ..
Did you add the same priority string to the client as well? If I try the doc/credentials/gnutls-http-serv script with a client that has the CTYPE-OPENPGP enabled it works. regards, Nikos
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Help-gnutls mailing list [email protected] https://lists.gnu.org/mailman/listinfo/help-gnutls
