[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Cannot connect with GnuTLS (OpenSSL is OK) "Decryption has failed" "
From: |
Nikos Mavrogiannopoulos |
Subject: |
Re: Cannot connect with GnuTLS (OpenSSL is OK) "Decryption has failed" "Bad record MAC" |
Date: |
Fri, 11 Jan 2013 02:15:33 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:10.0.11) Gecko/20121122 Icedove/10.0.11 |
On 01/07/2013 10:16 PM, Stephane Bortzmeyer wrote:
> After I renewed a X.509 certificate, I can no longer connect to
> <https://svn.generic-nic.net/NIC-generique/iana/whois/> (which is an
> Apache using GnuTLS) with a client using GnuTLS (clients using OpenSSL
> are OK).
>
> % openssl s_client -connect svn.generic-nic.net:443
btw. openssl cannot connect either. It connects because the command you
try obtains a different certificate from the one offered to gnutls which
uses server name indication. Try adding -servername svn.generic-nic.net
to the openssl command to the see the failure. Are you sure the server
certificate matches the server private key?
regards,
Nikos