[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Error in handshake - Error: Could not negotiate a supported cipher s
From: |
Nikos Mavrogiannopoulos |
Subject: |
Re: Error in handshake - Error: Could not negotiate a supported cipher suite. |
Date: |
Fri, 10 Aug 2012 09:45:50 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:10.0.6esrpre) Gecko/20120805 Icedove/10.0.6 |
On 08/09/2012 09:24 PM, Kristian Fiskerstrand wrote:
> On 08/08/2012 03:10 PM, Nikos Mavrogiannopoulos wrote:
>> On Wed, Aug 8, 2012 at 2:24 AM, Kristian Fiskerstrand
>> <address@hidden> wrote:
>>> Hi,
>>> I'm trying to set up mod_gnutls on apache to use OpenPGP key for a TLS
>>> session but I'm having some trouble getting gnutls set up correctly for
>>> a handshake. If I'm not too mistaken alert(21) indicate a decryption
>>> error - any hints for how I should debug this?
>>> What I have so far is - using gnutls-serv and gnutls-cli - the following;
>> [...]
>>> --priority NORMAL:+ANON-DH \
>>
>> Shouldn't you enable openpgp support as well? You can do that by adding
>> +CTYPE-OPENPGP.
> Thank you for the response and sorry for my late reply, got a bit
> pre-occupied for a while there.
> I adjusted the command to
> gnutls-serv \
> -p 18000 \
> -g \
> --http \
> --priority NORMAL:+CTYPE-OPENPGP:+ANON-DH \
> --pgpcertfile /etc/apache2/conf/sks-keyservers.net.pub.asc \
> --pgpkeyfile /etc/apache2/conf/ss/sks-keyservers.net.sec.asc \
> --pgpsubkey 19EA3DAE12200409
> but I still get the same error ..
Did you add the same priority string to the client as well? If I try the
doc/credentials/gnutls-http-serv script with a client that has the
CTYPE-OPENPGP enabled it works.
regards,
Nikos
signature.asc
Description: OpenPGP digital signature