On 11/13/2012 09:01 PM, Ivan Shmakov wrote: >>>>>> Nikos Mavrogiannopoulos <n...@gnutls.org> writes: > > […] > > > You'll have to sign it using gnutls_x509_crt_privkey_sign (). It is > > better the check the certtool source for other possible options. > > ACK, thanks. > > So, I've ended up with the code MIME'd. Then, however, > gnutls_handshake () fails with GNUTLS_E_PK_SIG_VERIFY_FAILED. > Do I understand it correctly that such an error points to some > bug in the certificate signing part?
It means that the TLS signature in the session cannot be verified using the provided certificate. Could it be a mismatch between your certificate and the private key? Did you try with certtool generated certificates? I'd suggest to increase verbosity in order to find out what is the actual reason of failure. regards, Nikos _______________________________________________ Help-gnutls mailing list Help-gnutls@gnu.org https://lists.gnu.org/mailman/listinfo/help-gnutls