Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
From: n.mavrogiannopoulos at gmail.com (Nikos Mavrogiannopoulos)
Date: Fri, 22 Sep 2017 16:03:36 +0200
In-reply-to: <1506088895.9884.3.camel@cblue.be>

On Fri, Sep 22, 2017 at 4:01 PM, Noel Dieschburg <noel at cblue.be> wrote:
> Hi David,
>
> First thank you for your quick answer ;)
>
> Do you know if there is a way to do such things (disable RSA-512 signin
> algo) without rcompiling the gnu-tls library? I found nothing for the
> moement.

I believe you have to recompile openconnect and set to configure:
--with-default-gnutls-priority="NORMAL:-SIGN-RSA-SHA512"

(I'd also remove RSA-SHA384 to try with the more common SHA256)
--with-default-gnutls-priority="NORMAL:-SIGN-RSA-SHA512:-SIGN-RSA-SHA384"


regards,
Nikos

Follow-Ups:
- Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
  - From: Noel Dieschburg
- Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
  - From: Noel Dieschburg

References:
- Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
  - From: David Raison
- Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
  - From: David Woodhouse
- Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
  - From: David Raison
- Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
  - From: David Woodhouse
- Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
  - From: David Raison
- Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
  - From: David Raison
- Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
  - From: David Raison
- Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
  - From: David Raison
- Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
  - From: Nikos Mavrogiannopoulos
- Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
  - From: David Raison
- Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
  - From: Nikos Mavrogiannopoulos
- Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
  - From: David Raison
- Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
  - From: Noel Dieschburg

Prev by Date: Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
Next by Date: Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
Previous by thread: Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
Next by thread: Getting "SSL connection failure: PKCS #11 error." even when supplying the correct CA file
Index(es):
- Date
- Thread

[Index of Archives] [Linux Samsung SoC] [Linux Rockchip SoC] [Linux Actions SoC] [Linux for Synopsys ARC Processors] [Linux NFS] [Linux NILFS] [Linux USB Devel] [Video for Linux] [Linux Audio Users] [Yosemite News] [Linux Kernel] [Linux SCSI]