[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: How to run the ex-serv-psk.c example
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
Re: How to run the ex-serv-psk.c example |
|
Date: |
Fri, 02 Mar 2012 19:37:04 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.24) Gecko/20111114 Icedove/3.1.16 |
On 03/02/2012 02:56 AM, Peter Penzov wrote:
> I'm trying to run the example ex-serv-psk.c from gnutls 3.0.14.
>
> I generated self signed certificate using these commands:
>
> certtool --generate-privkey --outfile key.pem
> certtool --generate-self-signed --load-privkey key.pem --outfile cert.pem
>
> I compiled the examples ex-serv-psk.c and ex-client-psk.c. When I try to
> run them I get this error:
>
> address@hidden test]# ./server
> Server ready. Listening to port '5556'.
>
> - connection from 127.0.0.1, port 38184
> *** Handshake has failed (The TLS connection was non-properly terminated.)
You can connect to the example server using gnutls-cli. The example
client requires to add "+PSK" to the priority string. I've corrected
it on the documentation.
> Is it do I need something else to run these examples?
> I modified some o
> #define KEYFILE "key.pem"
> #define CERTFILE "cert.pem"
> #define CAFILE "/etc/ssl/certs/ca-certificates.crt"
> #define CRLFILE "crl.pem"
> How I must create CAFILE and CRLFILE? I created self-signed certificate. Do
> I need these files in this case?
CAFILE and CRLFILE are not currently used in the currently supported
PSK ciphersuites so you could ignore them. I didn't remove them because
it is planned for the RSA-PSK ciphersuite to be added which will use
them.
regards,
Nikos