[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GnuTLS Re-Handshake Fails

From: Nikos Mavrogiannopoulos
Subject: Re: GnuTLS Re-Handshake Fails
Date: Mon, 23 May 2011 21:51:24 +0200
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv: Gecko/20110424 Thunderbird/3.1.10

On 05/23/2011 07:24 PM, Dash Shendy wrote:

> What is your server and what options do you have? Why do you do
> rehandshake in the first place?
>>>> I was just testing the re-handshaking, that's all really, is
>>>> that the way you test it? do I need an extra flag?
> The server closed the session for some reason. Your server log might
> have more information. But don't just post logs, explain what you are
> doing.
>>>> I was just testing to see that everything works and I thought
>>>> I'd let you know about this error, just being a good netizen. 
>>>> My main issue is actually that weird compression error, I've
>>>> been tearing my hair-out re-compiling my lamp stack trying to
>>>> fix it:)

Ok, so did you modify gnutls-cli to perform a rehandshake? Is that the
case? HTTPS servers do not really support re-handshake (there is no
real reason to), except for when they initiate it. mod_gnutls at least
should behave like that. That is because the prominent reason to
initiate a rehandshake is to upgrade credentials (i.e. require the
client to send his certificate).

So what you see is actually mod_gnutls closing your session because
you asked for rehandshake. If you request a URL that requires client
authentication is would ask for rehandshake by itself.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]