Ticket #2911 (closed defect: fixed)

Opened 18 months ago

Last modified 5 months ago

ssl_client_cert does not work with gnutls

Reported by: LeSpocky Owned by: mutt-dev
Priority: minor Milestone: 2.0
Component: crypto Version: 1.5.16
Keywords: smtp tls gnutls openssl Cc:

Description

I compiled mutt with GnuTLS since it's GPL. Parameter ssl_client_cert is not recognized there (it is if I compile against OpenSSL). This makes it impossible to use SMTP over TLS because the client cert is required there. The mailserver responses with 

2007-06-15 00:12:44 TLS error on connection from localhost 
(poldy.lespocky.dyndns.org) [127.0.0.1] (SSL_accept): 
error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer 
did not return a certificate

if I don't set a client cert.

Change History

Changed 17 months ago by brendan

I had a look at adding gnutls support for client certificates, but I didn't see anything in the API providing passphrase callbacks to decrypt the certificate key.

Changed 7 months ago by brendan

  • priority changed from major to minor
  • component changed from mutt to crypto
  • milestone set to 2.0

Changed 5 months ago by brendan

  • status changed from new to closed
  • resolution set to fixed

(In [fe615fd5e0de]) Basic support for $ssl_client_cert when compiled with gnutls. The key must not be encrypted. Closes #2911.

Note: See TracTickets for help on using tickets.