Issue connecting to Army Knowledge Online website using GnuTLS
Nikos Mavrogiannopoulos
nmav at gnutls.org
Wed Jun 15 21:35:58 CEST 2011
On 06/13/2011 09:43 PM, W. Michael Petullo wrote:
>>> I am having trouble connecting to the Army Knowledge Online server
>>> (www.us.army.mil) using Epiphany/GnuTLS 2.10.5 (Firefox and OpenSSL's
>>> s_client work fine). I've brought this up with the AKO administrators,
>>> but thought I'd mention it here too. AKO requires an account, but
>>> the homepage is publically accessible. I tried troubleshooting using
>>> gnutls-cli and got:
>>
>> Could you try the compatibility priority string described in:
>> http://www.gnu.org/software/gnutls/manual/html_node/Interoperability.html#Interoperability
>>
>> (it is for 2.12.x, for 2.10, it would be:
>> "NORMAL:-VERS-TLS1.1:-VERS-TLS1.2:%COMPAT")
>
> This seems to work:
>
> gnutls-cli -d 255 -p 443 www.us.army.mil --priority "NORMAL:-VERS-TLS1.1:-VERS-TLS1.2:%COMPAT"
>
> Is the an environment variable that will cause applications that use
> GnuTLS to behave in this manner? Or, does the application have to call
> gnutls_certificate_type_set_priority() explicitly?
An application has to call gnutls_priority_set_direct(), to allow
priority strings.
regards,
Nikos
More information about the Gnutls-devel
mailing list