[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: eww + w3m / GnuTLS TLSv1 support ?

From: Jason Vas Dias
Subject: Re: eww + w3m / GnuTLS TLSv1 support ?
Date: Mon, 14 Feb 2022 12:34:04 +0000

Thanks, Eli -

  I did try setting :

  (set-variable gnutls-algorithm-priority
  (set-variable my-tls-stream (open-gnutls-stream "tls" "tls-buffer"
"" "https")

 but still no joy :

gnutls.el: (err=[-50] The request is invalid.) boot: (:priority
LEGACY:VERS-TLS1.3:VERS-TLS1.2:VERS-TLS1.1:VERS-TLS1.0 :hostname :loglevel 0 :min-prime-bits nil :trustfiles
(/etc/pki/tls/certs/ca-bundle.crt /etc/ssl/cert.pem) :crlfiles nil
:keylist nil :verify-flags nil :verify-error nil :callbacks nil)
gnutls-negotiate: GnuTLS error: #<process tls>, -50

  On browsers, once I have got one to accept trying to use
  TLSv1.0 , which ATM stiil seems not to be possible,
  the next thing is I have to add the router's self-signed
  certificate to the browser's trust store, usually through some
  Advanced -> Add Security Exception "Site Security Exception List" -
  is there such a list for GnuTLS ? Or a way of specifying the
  equivalent of curls' '-k': 'do not validate certificate trust chain' option ?

Thanks, All the best,

On 13/02/2022, Eli Zaretskii <eliz@gnu.org> wrote:
>> From: Jason Vas Dias <jason.vas.dias@gmail.com>
>> Date: Sun, 13 Feb 2022 16:48:00 +0000
>> Cc: emacs-devel@gnu.org
>> Still no joy with Firefox 96, Chrome Unstable, EWW, W3M -
>> ideally, it would be nice if EWW or W3M would let me set
>> the TLS protocol version to use, with some variable setting -
>> that is really why I was posting to the emacs-devel list.
> AFAIU, in Emacs you should be able to request SSLv1 via the :priority
> setting of gnutls-boot.  E.g., try to customize
> gnutls-algorithm-priority to include "VERS-TLS1.1".

reply via email to

[Prev in Thread] Current Thread [Next in Thread]