[Help-gnutls] Re: ex-serv-pgp
dellanna at csp.it
dellanna at csp.it
Fri Feb 9 15:03:33 CET 2007
Ok,
the version of my gnutls-client is 1.2.9 and the output of test is the
following:
resolving 'test.gnutls.org'...
Connecting to '217.13.230.178:5556'...
- Successfully sent 0 certificate(s) to server.
- Certificate type: X.509
- Got a certificate list of 1 certificates.
- Certificate[0] info:
# The hostname in the certificate matches 'test.gnutls.org'.
# valid since: Tue Feb 6 14:02:11 CET 2007
# expires at: Wed Feb 6 14:02:11 CET 2008
# fingerprint: CB:4A:00:E0:65:A5:C3:9D:E0:5D:AB:CF:3A:2C:82:74
# Subject's DN: O=GnuTLS test server,CN=test.gnutls.org
# Issuer's DN: CN=GnuTLS test CA
- Peer's certificate issuer is unknown
- Peer's certificate is NOT trusted
- Version: TLS 1.1
- Key Exchange: DHE RSA
- Cipher: AES 256 CBC
- MAC: SHA
- Compression: DEFLATE
- Handshake was completed
- Simple Client Mode:
As you can see, It don't support OpenPGP. Can you send me link of latest version
of gnutls-cli, please?
Simone.
Scrive Simon Josefsson <simon at josefsson.org>:
> dellanna at csp.it writes:
>
> > Hi all,
> > I tried to test the example in manual "Echo Server with OpenPGP"
> (subsection
> > 7.4.3).
> > It work correctly on server side; infact it return "Echo Server ready.
> Listening
> > to port '5556' ",
> > But on client side I used gnutls-client. The problem is the following:
> > 1. if I run gnutls-cli -p 5556 hostname on server side was returned
> "handshake
> > failed"
> > 2. If I run gnutls-cli -p 5556 hostname -s was returned the same error.
> >
> > I think this error was occur because the server wait to receive pgp key,
> isn't
> > it?
> >
> > I'm not very familiar with gnutls-cli; how can I use it to test
> > authentication-pgp?
> > If I use "man gnutls-cli" it return the manual but it is vey short :).
>
> Are you still using gnutls 1.4.4? Run 'gnutls-cli --version' to find
> out. If so, I think you'll need to upgrade, there has been several
> OpenPGP related fixes since that release. I don't provide unpaid
> support for old versions.
>
> Btw, you can test whether your gnutls-cli is OK or not by pointing it
> at test.gnutls.org. With the latest release, the following works:
>
> $ gnutls-cli -p 5556 test.gnutls.org
> Resolving 'test.gnutls.org'...
> Connecting to '217.13.230.178:5556'...
> - Successfully sent 0 certificate(s) to server.
> - Certificate type: OpenPGP
> # The hostname in the key matches 'test.gnutls.org'.
> # Key was created at: Tue Feb 6 16:27:20 CET 2007
> # Key expires: Never
> # PGP Key version: 4
> # PGP Key public key algorithm: DSA (1024 bits)
> # PGP Key fingerprint:
> 59:6B:97:17:CB:98:9A:14:25:FE:AD:1C:AE:5F:AD:3E:5D:1D:14:D8
> # NAME: test.gnutls.org
>
> - Peer's key is valid
> - Could not find a signer of the peer's key
> - Version: TLS 1.2
> - Key Exchange: DHE DSS
> - Cipher: AES 256 CBC
> - MAC: SHA
> - Compression: LZO
> - Handshake was completed
>
> - Simple Client Mode:
>
> /Simon
>
>
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
More information about the Gnutls-help
mailing list