[Help-gnutls] Re: TLS/OpenPGP draft expiring soon
Ludovic Courtès
ludovic.courtes at laas.fr
Thu Feb 1 17:34:32 CET 2007
Hi,
Simon Josefsson <simon at josefsson.org> writes:
> Also, creating examples and a self test for the OpenPGP stuff would be
> useful. Have you managed to get it to work at all?
It took me a while, but I finally found why `gnutls-serv' wouldn't do
the job as expected (I knew it should work because I have small
client/server of my own that do work).
First, the patch below must be applied to `serv.c'. Then, actual DH
and/or RSA parameters must be provided or generated for the server. So
we end up with a command-line like this for the server:
$ ./gnutls-serv --dhparams tls-dh-params \
--ctypes openpgp --pgpcertfile pub.asc \
--pgpkeyfile sec.asc
And for the client:
$ gnutls-cli --ctypes openpgp --pgpcertfile pub.asc \
--pgpkeyfile sec.asc -p 5556 localhost
And it works like a charm, even with `--require-cert' passed to the
server.
Can you confirm?
Thanks,
Ludovic.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ,,serv.diff
Type: text/x-patch
Size: 531 bytes
Desc: The patch
URL: </pipermail/attachments/20070201/148266ca/attachment.bin>
More information about the Gnutls-help
mailing list