On Jan 3, 2008 2:36 AM, Marc Haber <[EMAIL PROTECTED]> wrote: > Hi, > > Simon writes: > > Appears to be an unreprodicible problem with a specific > > certificate/key which the user cannot reveal. Another > > certificate/key > > from the same CA works fine. Theory: could it be CRLF problems? > > Other > > non-ASCII characters in the file? Nothing indicates a real GnuTLS > > problem here. > > Conclusion: Likely not a GnuTLS problem. > > I think that this conclusion was built too fast, but we do not have > sufficient information to know this. > > The original reporter has said in the mean time that there are no > non-ascii chars in the file and that there are no CRLF issues here. > Currently, it is suspected that GnuTLS has issues with the fact that > the certificate is a wildcard certificate.
>By reading this report, I'm really curious which gnutls version is used, >and > >whether the gnutls-serv and exim are linked on the same version of >gnutls. >Does this occur if exim is linked on gnutls 2.2? > I'm using gnutls 2.0.4 at present (this is the current debian testing version). Is it possibly a known issue with this version? I can not install the new version at present, as this is a production server. I will be able to test this if you think it will correct the issue. For reference, gnutls-serv and gnutl-client work with this cert/key pair. I can run the server fine using; gnutls-serv --debug 5 --x509keyfile myhost_net.key --x509certfile myhost_net.crt And the client can connect using; gnutls-cli -p 5556 mail.myhost.net however, when using certtool -i < my key file failes with the base 64 decoding error. certtool: Import error: Base64 decoding error. > >regards, >Nikos Thanks for your interest, Regards Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
