Deutsch English Français Italiano |
<slrnvub8cg.pnm9.rayban@raybanana.net> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!eternal-september.org!raybanana.dont-email.me!.POSTED!not-for-mail From: Ray Banana <rayban@raybanana.net> Newsgroups: news.admin.peering,news.software.nntp Subject: Enabling SSL for NNRPD (was: Looking for peering and help) Followup-To: news.software.nntp Date: Thu, 27 Mar 2025 19:05:52 -0000 (UTC) Organization: A noiseless patient Spider Lines: 35 Message-ID: <slrnvub8cg.pnm9.rayban@raybanana.net> References: <m4gc9fF147oU1@mid.individual.net> <m4gg0iF1mhqU1@mid.individual.net> <8mv7rvhfpt.fsf@raybanana.net> <m4lb9kFdp4hU1@mid.individual.net> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Injection-Date: Thu, 27 Mar 2025 20:05:53 +0100 (CET) Injection-Info: raybanana.dont-email.me; posting-host="434176d4ced1ab8d25ba15fb825db828"; logging-data="977402"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18dehM1oJ1g9wQK+fYmjZwD6QtAgcBt/Vs=" User-Agent: slrn/pre1.0.4-9 (Linux) Cancel-Lock: sha1:Kiwz5b2QW3SpYGIgmrPy37HdZq8= Bytes: 2423 [crosspost and followup-to to news.software.nntp] * Gabx wrote: > I have commented out everything that concernes tls but i still get: > >> 20 [16:51:14] gabriel1@xnibiru25: ~ $ nc news.tcpreset.net 119 >> 400 Error initializing TLS > >> Mar 27 15:52:34 news nnrpd[581321]: unable to get certificate from '/etc/news/cert.pem' >> Mar 27 15:52:34 news nnrpd[581321]: error initializing TLS: [CA_file: ] [CA_path: /etc/news] [cert_file: /etc/news/cert.pem] [key_file: /etc/news/key.pem] > > As you see: > >> root@news:/etc/news/ssl# grep cert.pem -R /etc/news/ >> /etc/news/inn.conf:#tlscertfile: /etc/news/ssl/cert.pe > > tls directive is commented out. When nnrpd is started by innd, it should only use SSL when a client explicitly requests encryption via STARTTLS, so I wonder how your nnrpd is actually started? What is the output from the following command: netstat -tulpen | grep :119 Just because you mention Letsencrypt in your parallel posting in n.s.nntp: What does ls -l /etc/news/*.pem display`? And finally: What is your operating system (distibution)? Did you install INN from the package supplied by your distribution? -- Пу́тін — хуйло́ https://www.eternal-september.org