Problems with specific certificate/key (Debian Bug #426013)

Mark Adams mark at campbell-lange.net
Thu Feb 28 14:26:42 CET 2008


On Thu, Feb 28, 2008 at 12:51:46PM +0000, Mark Adams wrote:
> On Wed, Feb 27, 2008 at 11:07:02PM +0200, Nikos Mavrogiannopoulos wrote:
> > Mark Adams wrote:
> >> On Jan 3, 2008 2:36 AM, Marc Haber <mh+gnutls-devel at zugschlus.de> wrote:
> >
> >> I'm using gnutls 2.0.4 at present (this is the current debian testing
> >> version). Is it possibly a known issue with this version? I can not
> >> install the new version at present, as this is a production server. I
> >> will be able to test this if you think it will correct the issue.
> >>
> >> For reference, gnutls-serv and gnutl-client work with this cert/key
> >> pair. I can run the server fine using;
> >>
> >> gnutls-serv --debug 5 --x509keyfile myhost_net.key --x509certfile myhost_net.crt
> >>
> >> And the client can connect using;
> >>
> >> gnutls-cli -p 5556 mail.myhost.net
> >>
> >> however, when using certtool -i < my key file failes with the base 64
> >> decoding error.
> >
> > This is normal. The -i parameter only reads certificates. You should use  
> > the -k option to parse the key. Do you use the same file to hold the key  
> > and the certificate? Also in your tests please use the -d 2 parameter to  
> >  output more verbose information.
> >
> > regards,
> > Nikos
> 
> Hi, I have run this and all appears fine, please advise what output you
> require.
> 
> Please also advise what other tests I can run
> 
> Regards
> Mark

I can confirm that it is the right format from this test;

Public Key Info:
        Public Key Algorithm: RSA

Mark





More information about the Gnutls-devel mailing list