GNU Transport Layer Security Library

Re: Libnettle 2.4 was not found

On Tue, Jan 31, 2012 at 11:40 PM, Nick Khamis <symack <at> gmail.com> wrote:
> Hello Everyone,
> I am using the latest version of Debian. With lib nettle 2.4 installed:
> ls /usr/lib/
> libnettle.a
> libnettle.so
> libnettle.so.4
> libnettle.so.4.3
> When compiling GNU tls, I am getting the libnettle 2.4 not found.

Hi,
 Check you config.log for the reason libnettle was not found.

regards,
Nikos

headers

lfinsto | 1 Feb 18:18

Re: Libnettle 2.4 was not found

Hello,

> When compiling GNU tls, I am getting the libnettle 2.4 not found. I tried:

I did this a couple of days ago and had some difficulty.

You have to install gmp and p11-kit first.  If gmp isn't found, installing
libnettle will work, but libhogweed will not be created.  Then, configure
will fail for GNUTLS.

I don't have root privileges on the machines where I was installing
everything, so you may not need the added complications in the calls to
configure.

/home/optinum/eron0015/crypto/ is where I installed everything.  gmp and
p11-kit caused no difficulties.

This was how I invoked configure for nettle:

./configure CFLAGS="-I/home/optinum/eron0015/crypto/include"
CPPFLAGS="-I/home/optinum/eron0015/crypto/include"
LDFLAGS="-L/home/optinum/eron0015/crypto/lib" --disable-openssl
--enable-shared --prefix=/home/optinum/eron0015/crypto

CPPFLAGS is needed because of a program in the test suite.

It should work to set (and export) the environment variables in the shell.
 It didn't work for me, but that was probably because I mistyped the path
names.

(Continue reading)

headers

ajit | 2 Feb 06:11

Re: GNUTLS 3.0.8 Compilation Error

Hi Nicolas,

I am facing also the same issue.
Did you find a solution for your problem?

Thanks in advance.

Ajit

headers

Mihir Kulkarni | 6 Feb 03:06

HELP: Client-Server code for anonymous authentication NOT working

Hello,

I am part of a team at University of California, Irvine who are trying our hand at GNUTLS. We installed the package and all its dependencies. But when trying with the example code given in the documentation, it throws up an error. The details are:

I tried running the server and client with anonymous authentication. The exact error that it gives is:

CLIENT:

mihir <at> GNU-Linux:~/GNUTLS/gnutls-2.8.6/client$ ./a.out

*** Handshake failed

GNUTLS ERROR: A TLS packet with unexpected length was received.

SERVER:

mihir <at> GNU-Linux:~/GNUTLS/gnutls-2.8.6/server$ ./a.out

Server ready. Listening to port '5556'.

- connection from 127.0.0.1, port 48108

*** Handshake has failed (A TLS packet with unexpected length was received.)

What is figured out so far is that the server goes into an infinite loop on line 120 for the statements:

{

ret = gnutls_handshake (session);

printf("Do...\n");

}

while (gnutls_error_is_fatal (ret) == 0);

Can someone please tell me what might be going wrong?

Thank you for your help.

regards,
Mihir Kulkarni
Graduate Student
University of California, Irvine

http://goo.gl/CvRcG

_______________________________________________
Help-gnutls mailing list
Help-gnutls <at> gnu.org
https://lists.gnu.org/mailman/listinfo/help-gnutls

headers

Patrick Pelletier | 6 Feb 06:19

Re: HELP: Client-Server code for anonymous authentication NOT working

This sounds like the same problem I ran into recently. I saw the exact same behavior when I tried compiling the current version of the example programs against the GnuTLS libraries that came with my operating system. (GnuTLS 2.8.5 on Ubuntu 10.04.)

I'm assuming my issue (and therefore yours) is that I was running example code that was meant for GnuTLS 3.x against an installed library that was GnuTLS 2.x. (And, presumably the change in major version indicates an incompatibility, although unfortunately in this case it's a rather subtle one.)

When I installed the examples that were meant for the version of GnuTLS I was actually using (by installing the "gnutls-doc" package on Ubuntu, which put the example source code in /usr/share/doc/gnutls-doc/examples), and compiled them, it worked fine.

(Presumably it would also work to build the latest GnuTLS from source, and then use the latest example code, but that's not the approach I went with, because I wanted to write code that would work with Ubuntu's binary packages.)

In particular, the 3.x example code has the while loop you mentioned, while the 2.x example code does not have the while loop.

(The example anonymous server is ex-anon-serv.c in both the 2.x and 3.x examples, but the anonymous client is called ex-client1.c in 2.x, while it's called ex-anon-client.c in 3.x.)

I hope that helps,

--Patrick

On Feb 5, 2012, at 6:06 PM, Mihir Kulkarni wrote:

Hello,
I am part of a team at University of California, Irvine who are trying our hand at GNUTLS. We installed the package and all its dependencies. But when trying with the example code given in the documentation, it throws up an error. The details are:

I tried running the server and client with anonymous authentication. The exact error that it gives is:

CLIENT:

mihir <at> GNU-Linux:~/GNUTLS/gnutls-2.8.6/client$ ./a.out

*** Handshake failed

GNUTLS ERROR: A TLS packet with unexpected length was received.

SERVER:

mihir <at> GNU-Linux:~/GNUTLS/gnutls-2.8.6/server$ ./a.out

Server ready. Listening to port '5556'.

- connection from 127.0.0.1, port 48108

*** Handshake has failed (A TLS packet with unexpected length was received.)

What is figured out so far is that the server goes into an infinite loop on line 120 for the statements:

do

{

ret = gnutls_handshake (session);

printf("Do...\n");

}

while (gnutls_error_is_fatal (ret) == 0);

Can someone please tell me what might be going wrong?

Thank you for your help.

regards,
Mihir Kulkarni
Graduate Student
University of California, Irvine
http://goo.gl/CvRcG

_______________________________________________
Help-gnutls mailing list
Help-gnutls <at> gnu.org
https://lists.gnu.org/mailman/listinfo/help-gnutls

_______________________________________________
Help-gnutls mailing list
Help-gnutls <at> gnu.org
https://lists.gnu.org/mailman/listinfo/help-gnutls

headers

Mihir Kulkarni | 6 Feb 06:24

Re: HELP: Client-Server code for anonymous authentication NOT working

Hello Patrick,

Thats exactly my case! GnuTLS 2.8.6 on Ubuntu 10.04. Thanks a lot for the prompt reply. Though I'm not at my machine right now, but I'll surely do what you've said and let you know if I face any other problems. But yes, your observations are exactly correct regarding the client and server code in 2.x and 3.x!

I hadn't expected an early reply on Superbowl Sunday! Anyways, thanks a lot.

cheers,
Mihir Kulkarni
Graduate Student
University of California, Irvine

http://goo.gl/CvRcG

On Sun, Feb 5, 2012 at 9:19 PM, Patrick Pelletier <code <at> funwithsoftware.org> wrote:

This sounds like the same problem I ran into recently. I saw the exact same behavior when I tried compiling the current version of the example programs against the GnuTLS libraries that came with my operating system. (GnuTLS 2.8.5 on Ubuntu 10.04.)

I'm assuming my issue (and therefore yours) is that I was running example code that was meant for GnuTLS 3.x against an installed library that was GnuTLS 2.x. (And, presumably the change in major version indicates an incompatibility, although unfortunately in this case it's a rather subtle one.)

When I installed the examples that were meant for the version of GnuTLS I was actually using (by installing the "gnutls-doc" package on Ubuntu, which put the example source code in /usr/share/doc/gnutls-doc/examples), and compiled them, it worked fine.

(Presumably it would also work to build the latest GnuTLS from source, and then use the latest example code, but that's not the approach I went with, because I wanted to write code that would work with Ubuntu's binary packages.)

In particular, the 3.x example code has the while loop you mentioned, while the 2.x example code does not have the while loop.

(The example anonymous server is ex-anon-serv.c in both the 2.x and 3.x examples, but the anonymous client is called ex-client1.c in 2.x, while it's called ex-anon-client.c in 3.x.)

I hope that helps,

--Patrick

On Feb 5, 2012, at 6:06 PM, Mihir Kulkarni wrote:

Hello,
I am part of a team at University of California, Irvine who are trying our hand at GNUTLS. We installed the package and all its dependencies. But when trying with the example code given in the documentation, it throws up an error. The details are:

I tried running the server and client with anonymous authentication. The exact error that it gives is:

CLIENT:

mihir <at> GNU-Linux:~/GNUTLS/gnutls-2.8.6/client$ ./a.out

*** Handshake failed

GNUTLS ERROR: A TLS packet with unexpected length was received.

SERVER:

mihir <at> GNU-Linux:~/GNUTLS/gnutls-2.8.6/server$ ./a.out

Server ready. Listening to port '5556'.

- connection from 127.0.0.1, port 48108

*** Handshake has failed (A TLS packet with unexpected length was received.)

What is figured out so far is that the server goes into an infinite loop on line 120 for the statements:

do

{

ret = gnutls_handshake (session);

printf("Do...\n");

}

while (gnutls_error_is_fatal (ret) == 0);

Can someone please tell me what might be going wrong?

Thank you for your help.

regards,
Mihir Kulkarni
Graduate Student
University of California, Irvine
http://goo.gl/CvRcG

_______________________________________________
Help-gnutls mailing list
Help-gnutls <at> gnu.org
https://lists.gnu.org/mailman/listinfo/help-gnutls

_______________________________________________
Help-gnutls mailing list
Help-gnutls <at> gnu.org
https://lists.gnu.org/mailman/listinfo/help-gnutls

headers

Nikos Mavrogiannopoulos | 7 Feb 19:27

Re: HELP: Client-Server code for anonymous authentication NOT working

On 02/06/2012 06:19 AM, Patrick Pelletier wrote:

> This sounds like the same problem I ran into recently.  I saw the exact
> same behavior when I tried compiling the current version of the example
> programs against the GnuTLS libraries that came with my operating
> system.  (GnuTLS 2.8.5 on Ubuntu 10.04.)

> I'm assuming my issue (and therefore yours) is that I was running

> example code that was meant for GnuTLS 3.x against an installed library
> that was GnuTLS 2.x.  (And, presumably the change in major version
> indicates an incompatibility, although unfortunately in this case it's a
> rather subtle one.)

You are right. The example in the website enables elliptic curve
anonymous Diffie-Hellman which doesn't exist in gnutls 2. The error is
subtle because the examples do not include error checking and thus do
not catch the error in gnutls_priority_set_direct().

If you fix the priority string the same example should work as is.

regards,
Nikos

headers

Shengwei Li | 7 Feb 23:23

Cross compile issue about gnutls 3.0.12 on ubuntu with MinGW

Hi there,

I am trying to configure gnutls 3.0.12 on ubuntu with the following command:

./configure --without-p11-kit --disable-cxx CC="i586-mingw32msvc-gcc" --build=i586-pc-linux-gnu --host=i686-pc-mingw32msvc

This is to build a gnutls library that I would use on Windows XP for Winsock program.

But I got the error:

===============================================================

checking for a BSD-compatible install... /usr/bin/install -c

checking whether build environment is sane... yes

checking for i686-pc-mingw32msvc-strip... no

checking for strip... strip

configure: WARNING: using cross tools not prefixed with host triplet

checking for a thread-safe mkdir -p... /bin/mkdir -p

checking for gawk... no

checking for mawk... mawk

checking whether make sets $(MAKE)... yes

***

*** Checking for compilation programs...

checking for i686-pc-mingw32msvc-gcc... i586-mingw32msvc-gcc

checking whether the C compiler works... yes

checking for C compiler default output file name... a.exe

checking for suffix of executables... .exe

checking whether we are cross compiling... yes

checking for suffix of object files... o

checking whether we are using the GNU C compiler... yes

checking whether i586-mingw32msvc-gcc accepts -g... yes

checking for i586-mingw32msvc-gcc option to accept ISO C89... none needed

checking for style of include used by make... GNU

checking dependency style of i586-mingw32msvc-gcc... gcc3

checking for i686-pc-mingw32msvc-g++... no

checking for i686-pc-mingw32msvc-c++... no

checking for i686-pc-mingw32msvc-gpp... no

checking for i686-pc-mingw32msvc-aCC... no

checking for i686-pc-mingw32msvc-CC... no

checking for i686-pc-mingw32msvc-cxx... no

checking for i686-pc-mingw32msvc-cc++... no

checking for i686-pc-mingw32msvc-cl.exe... no

checking for i686-pc-mingw32msvc-FCC... no

checking for i686-pc-mingw32msvc-KCC... no

checking for i686-pc-mingw32msvc-RCC... no

checking for i686-pc-mingw32msvc-xlC_r... no

checking for i686-pc-mingw32msvc-xlC... no

checking for g++... g++

checking whether we are using the GNU C++ compiler... yes

checking whether g++ accepts -g... yes

checking dependency style of g++... gcc3

checking how to run the C preprocessor... i586-mingw32msvc-gcc -E

checking for grep that handles long lines and -e... /bin/grep

checking for egrep... /bin/grep -E

checking for Minix Amsterdam compiler... no

checking for i686-pc-mingw32msvc-ar... no

checking for ar... ar

checking for i686-pc-mingw32msvc-ranlib... no

checking for ranlib... ranlib

checking build system type... i586-pc-linux-gnu

checking host system type... i686-pc-mingw32msvc

checking for ANSI C header files... yes

checking for sys/types.h... yes

checking for sys/stat.h... yes

checking for stdlib.h... yes

checking for string.h... yes

checking for memory.h... yes

checking for strings.h... yes

checking for inttypes.h... yes

checking for stdint.h... yes

checking for unistd.h... yes

checking minix/config.h usability... no

checking minix/config.h presence... no

checking for minix/config.h... no

checking whether it is safe to define __EXTENSIONS__... yes

checking for _LARGEFILE_SOURCE value needed for large files... unknown

checking for special C compiler options needed for large files... no

checking for _FILE_OFFSET_BITS value needed for large files... unknown

checking for _LARGE_FILES value needed for large files... unknown

checking for i586-mingw32msvc-gcc option to accept ISO C99... -std=gnu99

checking for i586-mingw32msvc-gcc -std=gnu99 option to accept ISO Standard C... (cached) -std=gnu99

checking for inline... inline

checking for ANSI C header files... (cached) yes

checking cpuid.h usability... yes

checking cpuid.h presence... yes

checking for cpuid.h... yes

checking for ld used by GCC... /usr/i586-mingw32msvc/bin/ld

checking if the linker (/usr/i586-mingw32msvc/bin/ld) is GNU ld... yes

checking for shared library run path origin... done

checking whether to use nettle... yes

checking for libnettle... no

configure: error:

***

*** Libnettle 2.4 was not found.

===============================================================

It seemed to me that /usr/i586-mingw32msvc/bin/ld could not locate nettle 2.4, which I've installed.

I also tried to use " --with-libnettle-prefix=/usr/local" and , but no luck.

Could someone please help on this? Thank you in advance.

BTW, I could compile it with standard gcc coming with the system.

Regards,

Shengwei (William) Li

_______________________________________________
Help-gnutls mailing list
Help-gnutls <at> gnu.org
https://lists.gnu.org/mailman/listinfo/help-gnutls

headers

Laurence Rochfort | 10 Feb 12:45

Unexpected message, handshake failed

Hello,

gnutls is producing the following error for a certificate, prevents all gnutls backed applications from connecting. openssl backed applications connect successfully.

I have no access to the server, but any advice that would allow my gnutls backed applications to work would be very much appreciated.

Many thanks,

Laurence.

$ gnutls-cli -V -p 5223 stbeehive.oracle.com

Resolving 'stbeehive.oracle.com'...

Connecting to '141.146.118.10:5223'...

*** Fatal error: A TLS fatal alert has been received.

*** Received alert [10]: Unexpected message

*** Handshake has failed

GnuTLS error: A TLS fatal alert has been received.

$ openssl s_client -showcerts -connect stbeehive.oracle.com:5223

CONNECTED(00000003)

depth=3 C = US, O = "VeriSign, Inc.", OU = Class 3 Public Primary Certification Authority

verify error:num=19:self signed certificate in certificate chain

verify return:0

---

Certificate chain

0 s:/C=US/ST=California/L=Redwood Shores/O=Oracle Corporation/OU=Global IT/OU=Terms of use at www.verisign.com/rpa (c)05/CN=stbeehive.oracle.com

i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 International Server CA - G3

-----BEGIN CERTIFICATE-----

MIIFvTCCBKWgAwIBAgIQEsIMvG/ctPbaCLF4fte+4TANBgkqhkiG9w0BAQUFADCB

vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL

ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug

YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt

VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X

DTExMTAyMDAwMDAwMFoXDTEyMTIxODIzNTk1OVowgcAxCzAJBgNVBAYTAlVTMRMw

EQYDVQQIEwpDYWxpZm9ybmlhMRcwFQYDVQQHFA5SZWR3b29kIFNob3JlczEbMBkG

A1UEChQST3JhY2xlIENvcnBvcmF0aW9uMRIwEAYDVQQLFAlHbG9iYWwgSVQxMzAx

BgNVBAsUKlRlcm1zIG9mIHVzZSBhdCB3d3cudmVyaXNpZ24uY29tL3JwYSAoYykw

NTEdMBsGA1UEAxQUc3RiZWVoaXZlLm9yYWNsZS5jb20wggEiMA0GCSqGSIb3DQEB

AQUAA4IBDwAwggEKAoIBAQC/avK+LNahcDOThTJX2grsCHR6sQnBdB3B77MtEdsX

ga7AHAISslsogKIhXaDoQ217fBRA4yvejSeF2nYsII9RTwEu1dw0UQbsWD4elZZP

0KnY6P/pM5DG3e6v2zC/bZjCDNDFIw//UilM+b1Yg/qPZ/LmuTOwjtQBqKS99GZE

mfaPiBgG/P0NsxCCkDr3qk7hUPpuINPvl1Yn4J1zJk0alxyfEhKdTMLQUQ54clqw

Q3gdeSHrB9m/0bxxElwKdgxDxlLwc6qTKN8DjKtnBCW60aL9Tp2+el3+GEOFRxJ8

ApWFqITgIwuEXiupXVAmP5pR2RIBwp5dYeFywX+O88pLAgMBAAGjggGzMIIBrzAJ

BgNVHRMEAjAAMAsGA1UdDwQEAwIFoDBEBgNVHSAEPTA7MDkGC2CGSAGG+EUBBxcD

MCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwQQYD

VR0fBDowODA2oDSgMoYwaHR0cDovL1NWUkludGwtRzMtY3JsLnZlcmlzaWduLmNv

bS9TVlJJbnRsRzMuY3JsMCgGA1UdJQQhMB8GCCsGAQUFBwMBBggrBgEFBQcDAgYJ

YIZIAYb4QgQBMHIGCCsGAQUFBwEBBGYwZDAkBggrBgEFBQcwAYYYaHR0cDovL29j

c3AudmVyaXNpZ24uY29tMDwGCCsGAQUFBzAChjBodHRwOi8vU1ZSSW50bC1HMy1h

aWEudmVyaXNpZ24uY29tL1NWUkludGxHMy5jZXIwbgYIKwYBBQUHAQwEYjBgoV6g

XDBaMFgwVhYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUS2u5KJYGDLvQUjibKaxL

B4shBRgwJhYkaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nbzEuZ2lmMA0G

CSqGSIb3DQEBBQUAA4IBAQATDDXxm9yUF4N5NxWQAamYtH9Sc8C48Sb3XM8I4RiG

3zuBwDCMaV4WQmaHcjZmWcJqb48U3Dm+mmvAs/BOSfrPI6bxe/l5pTdqI8AoZWss

ec6SiyN5KErR1hGeBWchjnR1sH78N1xg1lCVW3HYvdxWCWTkW4Y2x9+HtzRGWqLu

PgVrIZinE+GtOb1whgZZjgxo9NgqLdLCs3uk/N9iaIUFs9T76uP728ZmfXGFehki

gOt+l1ZHrs+06wwyqAgP3l3QHPySmtIxP0Biaz6EYlEx67EJ6PCYrTEScBRoILs/

wY+jH131xtP8pjxu8pi26CCVdzxBsfYLiLI8S5Ll/E0c

-----END CERTIFICATE-----

1 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 International Server CA - G3

-----BEGIN CERTIFICATE-----

MIIGKTCCBRGgAwIBAgIQZBvoIM4CCBPzLU0tldZ+ZzANBgkqhkiG9w0BAQUFADCB

yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL

ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp

U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW

ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0

aG9yaXR5IC0gRzUwHhcNMTAwMjA4MDAwMDAwWhcNMjAwMjA3MjM1OTU5WjCBvDEL

MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW

ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg

aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMtVmVy

aVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMIIBIjAN

BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdacYvAV9IGaQQhZjxOdF8mfUdza

sVLv/+NB3eDfxCjG4615HycQmLi7IJfBKERBD+qpqFLPTU4bi7u1xHbZzFYG7rNV

ICreFY1xy1TIbxfNiQDk3P/hwB9ocenHKS5+vDv85burJlSLZpDN9pK5MSSAvJ5s

1fx+0uFLjNxC+kRLX/gYtS4w9D0SmNNiBXNUppyiHb5SgzoHRsQ7AlYhv/JRT9Cm

mTnprqU/iZucff5NYAclIPe712mDK4KTQzfZg0EbawurSmaET0qO3n40mY5o1so5

BptMs5pITRNGtFghBMT7oE2sLktiEuP7TfbJUQABH/weaoEqOOC5T9YtRQIDAQAB

o4ICFTCCAhEwEgYDVR0TAQH/BAgwBgEB/wIBADBwBgNVHSAEaTBnMGUGC2CGSAGG

+EUBBxcDMFYwKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9j

cHMwKgYIKwYBBQUHAgIwHhocaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTAO

BgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2Uv

Z2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDov

L2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwNAYDVR0lBC0wKwYIKwYBBQUH

AwEGCCsGAQUFBwMCBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwNAYIKwYBBQUHAQEE

KDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC52ZXJpc2lnbi5jb20wNAYDVR0f

BC0wKzApoCegJYYjaHR0cDovL2NybC52ZXJpc2lnbi5jb20vcGNhMy1nNS5jcmww

KAYDVR0RBCEwH6QdMBsxGTAXBgNVBAMTEFZlcmlTaWduTVBLSS0yLTcwHQYDVR0O

BBYEFNebfNgioBX33a1fzimbWMO8RgC1MB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ

80M5+gKvMzEzMA0GCSqGSIb3DQEBBQUAA4IBAQBxtX1zUkrd1000Ky6vlEalSVAC

T/gvF3DyE9wfIYaqwk98NzzURniuXXhv0bpavBCrWDbFjGIVRWAXIeLVQqh3oVXY

QwRR9m66SOZdTLdE0z6k1dYzmp8N5tdOlkSVWmzWoxZTDphDzqS4w2Z6BVxiEOgb

Ett9LnZQ/9/XaxvMisxx+rNAVnwzeneUW/ULU/sOX7xo+68q7jA3eRaTJX9NEP9X

+79uOzMh3nnchhdZLUNkt6Zmh+q8lkYZGoaLb9e3SQBb26O/KZru99MzrqP0nkzK

XmnUG623kHdq2FlveasB+lXwiiFm5WVu/XzT3x7rfj8GkPsZC9MGAht4Q5mo

-----END CERTIFICATE-----

i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority

-----BEGIN CERTIFICATE-----

MIIE0DCCBDmgAwIBAgIQJQzo4DBhLp8rifcFTXz4/TANBgkqhkiG9w0BAQUFADBf

MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT

LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw

HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx

FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz

dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv

ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz

IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi

MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8

RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb

ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR

TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/

Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH

iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB

AAGjggGbMIIBlzAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0

dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjA9

BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVy

aXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwbQYI

KwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQU

j+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29t

L3ZzbG9nby5naWYwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8v

b2NzcC52ZXJpc2lnbi5jb20wPgYDVR0lBDcwNQYIKwYBBQUHAwEGCCsGAQUFBwMC

BggrBgEFBQcDAwYJYIZIAYb4QgQBBgpghkgBhvhFAQgBMA0GCSqGSIb3DQEBBQUA

A4GBABMC3fjohgDyWvj4IAxZiGIHzs73Tvm7WaGY5eE43U68ZhjTresY8g3JbT5K

lCDDPLq9ZVTGr0SzEK0saz6r1we2uIFjxfleLuUqZ87NMwwq14lWAyMfs77oOghZ

tOxFNfeKW/9mz1Cvxm1XjRl4t7mi0VfqH5pLr7rJjhJ+xr3/

-----END CERTIFICATE-----

3 s:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority

i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority

-----BEGIN CERTIFICATE-----

MIICPDCCAaUCEDyRMcsf9tAbDpq40ES/Er4wDQYJKoZIhvcNAQEFBQAwXzELMAkG

A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz

cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2

MDEyOTAwMDAwMFoXDTI4MDgwMjIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV

BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt

YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN

ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE

BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is

I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G

CSqGSIb3DQEBBQUAA4GBABByUqkFFBkyCEHwxWsKzH4PIRnN5GfcX6kb5sroc50i

2JhucwNhkcV8sEVAbkSdjbCxlnRhLQ2pRdKkkirWmnWXbj9T/UWZYB2oK0z5XqcJ

2HUw19JlYD1n1khVdWk/kfVIC0dpImmClr7JyDiGSnoscxlIaU5rfGW/D/xwzoiQ

-----END CERTIFICATE-----

---

Server certificate

subject=/C=US/ST=California/L=Redwood Shores/O=Oracle Corporation/OU=Global IT/OU=Terms of use at www.verisign.com/rpa (c)05/CN=stbeehive.oracle.com

issuer=/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 International Server CA - G3

---

No client certificate CA names sent

---

SSL handshake has read 5005 bytes and written 537 bytes

---

New, TLSv1/SSLv3, Cipher is AES256-SHA

Server public key is 2048 bit

Secure Renegotiation IS NOT supported

Compression: NONE

Expansion: NONE

SSL-Session:

Protocol : TLSv1

Cipher : AES256-SHA

Session-ID:

Session-ID-ctx:

Master-Key: B72E368D6290F0DD98498C1D62AAF25BB37D66614E8ABE527848D61E7A5BC1FF3C3AA5200C12CF77F3EBF9564166856D

Key-Arg : None

Krb5 Principal: None

PSK identity: None

PSK identity hint: None

Start Time: 1328874127

Timeout : 300 (sec)

Verify return code: 19 (self signed certificate in certificate chain)

_______________________________________________
Help-gnutls mailing list
Help-gnutls <at> gnu.org
https://lists.gnu.org/mailman/listinfo/help-gnutls

headers

Nikos Mavrogiannopoulos | 10 Feb 16:07

Re: Unexpected message, handshake failed

On 02/10/2012 12:45 PM, Laurence Rochfort wrote:

> gnutls is producing the following error for a certificate, prevents
> all gnutls backed applications from connecting.  openssl backed
> applications connect successfully.
> 
> I have no access to the server, but any advice that would allow my
> gnutls backed applications to work would be very much appreciated.

Which gnutls is that? I just tried stbeehive.oracle.com and it seems to
work.

regards,
Nikos

71	May 2012
20	April 2012
39	March 2012
31	February 2012
24	January 2012
25	December 2011
49	November 2011
35	October 2011
24	September 2011
9	August 2011
23	July 2011
22	June 2011
29	May 2011
28	April 2011
14	March 2011
11	February 2011
15	January 2011
37	December 2010
39	November 2010
9	October 2010
33	September 2010
19	August 2010
34	July 2010
40	June 2010
25	May 2010
38	April 2010
13	March 2010
23	February 2010
10	January 2010
17	December 2009
38	November 2009
60	October 2009
24	September 2009
18	August 2009
41	July 2009
36	June 2009
46	May 2009
28	April 2009
19	March 2009
36	February 2009
15	January 2009
27	December 2008
67	November 2008
40	October 2008
41	September 2008
22	August 2008
14	July 2008
30	June 2008
59	May 2008
108	April 2008
30	March 2008
36	February 2008
14	January 2008
22	December 2007
31	November 2007
38	October 2007
18	September 2007
24	August 2007
4	July 2007
15	June 2007
34	May 2007
54	April 2007
28	March 2007
71	February 2007
58	January 2007
15	December 2006
14	November 2006
29	October 2006
27	September 2006
12	August 2006
47	July 2006
17	June 2006
12	May 2006
3	April 2006
24	March 2006
12	February 2006
21	January 2006
16	December 2005
31	November 2005
22	October 2005
24	September 2005
44	August 2005
14	July 2005
5	June 2005
19	May 2005
40	April 2005
22	March 2005
12	February 2005
4	January 2005
16	November 2004
4	October 2004
7	September 2004
2	August 2004
8	July 2004
5	June 2004
13	May 2004
4	April 2004
8	February 2004
1	January 2004
4	December 2003
10	November 2003
16	October 2003
1	August 2003
1	July 2003
3	June 2003
4	May 2003
2	April 2003
11	March 2003
4	January 2003
2	September 2002
7	August 2002
1	July 2002
5	June 2002

Mon	Tue	Wed	Thu	Fri	Sat	Sun

		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29