Issue connecting to Army Knowledge Online website using GnuTLS

W. Michael Petullo mike at flyn.org
Mon Jun 13 21:43:52 CEST 2011


>> I am having trouble connecting to the Army Knowledge Online server
>> (www.us.army.mil) using Epiphany/GnuTLS 2.10.5 (Firefox and OpenSSL's
>> s_client work fine). I've brought this up with the AKO administrators,
>> but thought I'd mention it here too. AKO requires an account, but
>> the homepage is publically accessible. I tried troubleshooting using
>> gnutls-cli and got:
> 
> Could you try the compatibility priority string described in:
> http://www.gnu.org/software/gnutls/manual/html_node/Interoperability.html#Interoperability
> 
> (it is for 2.12.x, for 2.10, it would be:
> "NORMAL:-VERS-TLS1.1:-VERS-TLS1.2:%COMPAT")

This seems to work:

gnutls-cli -d 255 -p 443 www.us.army.mil --priority "NORMAL:-VERS-TLS1.1:-VERS-TLS1.2:%COMPAT"

Is the an environment variable that will cause applications that use
GnuTLS to behave in this manner? Or, does the application have to call
gnutls_certificate_type_set_priority() explicitly?

-- 
Mike

:wq




More information about the Gnutls-devel mailing list