Sujet : Enabling SSL for NNRPD (was: Looking for peering and help)
De : rayban (at) *nospam* raybanana.net (Ray Banana)
Groupes : news.admin.peering news.software.nntpSuivi-à : news.software.nntpDate : 27. Mar 2025, 20:05:52
Autres entêtes
Organisation : A noiseless patient Spider
Message-ID : <slrnvub8cg.pnm9.rayban@raybanana.net>
References : 1 2 3 4
User-Agent : slrn/pre1.0.4-9 (Linux)
[crosspost and followup-to to news.software.nntp]
* Gabx wrote:
I have commented out everything that concernes tls but i still get:
>
20 [16:51:14] gabriel1@xnibiru25: ~ $ nc news.tcpreset.net 119
400 Error initializing TLS
>
Mar 27 15:52:34 news nnrpd[581321]: unable to get certificate from '/etc/news/cert.pem'
Mar 27 15:52:34 news nnrpd[581321]: error initializing TLS: [CA_file: ] [CA_path: /etc/news] [cert_file: /etc/news/cert.pem] [key_file: /etc/news/key.pem]
>
As you see:
>
root@news:/etc/news/ssl# grep cert.pem -R /etc/news/
/etc/news/inn.conf:#tlscertfile: /etc/news/ssl/cert.pe
>
tls directive is commented out.
When nnrpd is started by innd, it should only use SSL when a client explicitly
requests encryption via STARTTLS, so I wonder how your nnrpd is actually started?
What is the output from the following command:
netstat -tulpen | grep :119
Just because you mention Letsencrypt in your parallel posting in n.s.nntp:
What does ls -l /etc/news/*.pem display`?
And finally: What is your operating system (distibution)? Did you install
INN from the package supplied by your distribution?
-- Пу́тін — хуйло́https://www.eternal-september.org
Enabling SSL for NNRPD (was: Looking for peering and help)
Re: Enabling SSL for NNRPD