emacs-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Emacs core TLS support


From: Nikos Mavrogiannopoulos
Subject: Re: Emacs core TLS support
Date: Mon, 13 Sep 2010 09:49:30 +0200

2010/9/11 Ted Zlatanov <address@hidden>:

> - no SRP anywhere, just anon and x509 (I'll add SRP if we need it and
>  when the other two are working)
> Now I get GNUTLS_E_INSUFFICIENT_CREDENTIALS when I open a x509
> connection to an IMAP TLS server so I think there's still work to do.
> The trust file seems to be wrong (see lisp/net/gnutls.el, I tried both
> "/etc/ssl/certs/ca-certificates.crt" and "/etc/ssl/certs/ca.pem").
> The GnuTLS examples don't seem to cover the standard situation of
> talking to a web server over SSL and possibly accepting an insecure
> connection if the server credentials are bad.  I must have missed
> something.  Could the GnuTLS developers look at my patch and help me
> out?

I cannot look at the patch but the example you are looking for is:
http://www.gnu.org/software/gnutls/manual/html_node/Simple-client-example-with-X_002e509-certificate-support.html#Simple-client-example-with-X_002e509-certificate-support
to do the connection, and this one to verify the certificate:
http://www.gnu.org/software/gnutls/manual/html_node/Verifying-peer_0027s-certificate.html#Verifying-peer_0027s-certificate

regards,
Nikos



reply via email to

[Prev in Thread] Current Thread [Next in Thread]