Hi,

I'd like gnutls to check that the server I connect to are trusted. Using
Gnus and smtpmail, currently, the check is disable because
the argument :verify-hostname-error to `gnutls-negotiate' is always nil.
It seems nothing uses it for now.

I wonder if adding a global defcustom would be helpful here. WDYT?

OTOH, I've tried to set it manually to t, and I added my CA to the know
certificates. gnutls-bin is now happy to connect to my IMAP server and
considers it secure ("Peer's certificate is trusted"). But with
gnutls.c, I keep hitting:

  if (peer_verification & GNUTLS_CERT_SIGNER_NOT_FOUND)
    GNUTLS_LOG2 (1, max_log_level, "certificate signer was not found:",
		 c_hostname);

Note that the trustfile used seems correct too.

If anybody has a clue, I'd be glad… 

-- 
Julien Danjou
/* Free Software hacker & freelance
   http://julien.danjou.info */