rohc team mailing list archive

[Didier Barvaux <didier@xxxxxxxxxxx>]

Hi Kimo,


> Can you suggest me further? One more difference is that I am testing
> in between public IP addresses.

Public IP addresses should not be a problem for TLS negotiation.


> I followed same steps and displayed the content of pkcs#12. They
> contained two certificates and one encrypted private key.

Good.

 
> Please provide more details about as you mentioned "If yes, then
> please ensure that you used the same CA for both client and server".

The Certificate Authority (CA) is the entity that signs both client and
server certificates. The server allows all clients that sends a
certificate that is signed by the same CA as itself.

The CA is created during the howto:
https://rohc-lib.org/wiki/doku.php?id=iprohc-run#create_a_certification_authority_ca

You should create only one CA, not two. That was the purpose of my
question.


> I have used same password for both server and client and did not use
> export passwords. Gave every value as same for both client and server
> except below

That's fine.


What are the software versions you use?
* for IP/ROHC
  $ iprohc_server --version
  $ iprohc_client --version
* for ROHC library
  $ pkg-config --modversion rohc
* for GnuTLS
  $ pkg-config --modversion gnutls
  $ pkg-config --modversion nettle

If your CA and client/server certificates do not contain personal
information (eg. names/emails), please send them. It would help me
reproduce the problem.

Regards,
Didier

Attachment: signature.asc
Description: PGP signature