[Help-gnutls] Re: SMTP TLS & Thunderbird
David Given
dg at cowlark.com
Thu Feb 8 02:12:39 CET 2007
Simon Josefsson wrote:
[...]
> That error happens if the server doesn't offer a ciphersuite that the
> client can accept. Often this is caused by missing X.509 CA and/or
> server certificate. Check with 'gnutls-cli' what key exchange is
> negotiated. If it is ANON, most clients will refuse to talk to you.
>
> Btw, example 7.4.5 is for anonymous authentication, try 7.4.1 instead.
> It is easy to change things, just add a X.509 credential and assign it
> to the session.
Thanks. I was rather hoping to do without --- having to create a self-signed
certificate adds quite a lot of complexity to my install procedure --- but if
I have to...
Incidentally, creating a private key with certtool takes several minutes.
Doing the same with openssl req appears to be more or less instant. Is this
normal?
--
┌── dg@cowlark.com ─── http://www.cowlark.com ───────────────────
│ "I have always wished for my computer to be as easy to use as my
│ telephone; my wish has come true because I can no longer figure out how to
│ use my telephone." --- Bjarne Stroustrup
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20070208/41c7048d/attachment.pgp>
More information about the Gnutls-help
mailing list