Subj : Re: Binkd and TLS
To   : Tommi Koivula
From : Wilfred van Velzen
Date : Fri Dec 13 2019 09:37 pm

Hi Tommi,

On 2019-12-13 22:16:42, you wrote to me:

TK>>> binkps.conf:

TK>>> client=no
TK>>> cert=/etc/letsencrypt/live/news.fidonet.fi/web.pem
TK>>> connect=127.0.0.1:24554

WV>> I had to do this slightly different:

WV>> /etc/stunnel # cat binkps.conf
WV>> cert=/etc/letsencrypt/live/vlzn.nl/fullchain.pem
WV>> key=/etc/letsencrypt/live/vlzn.nl/privkey.pem
WV>> connect=24554

TK> Ok. I can live with that. :)

Those are the files letsencrypt generates by default. Don't you need to specify
your (private) key?

WV>> But it seems to work. Can anyone test my node? TLS/SSL connects to my
WV>> binkd for node 2:280/464 should go to fido.vlzn.nl:24553

TK> === Cut ===
TK>   13 Dec 22:15:54 [14318] Substituted * to fido.vlzn.nl. for
TK> 2:280/464@fidonet by nodelist + 13 Dec 22:15:54 [14318] call to
TK> 2:280/464@fidonet + 13 Dec 22:15:54 [14318] External command 'openssl
TK> s_client -quiet -alpn binkp -connect fido.vlzn.nl:24553' started, pid
14319
TK>   13 Dec 22:15:54 [14318] connected
TK> + 13 Dec 22:15:54 [14318] outgoing session with fido.vlzn.nl:binkp

It works! :-)

I'm only a bit surprised it came in on IPv4 not like your regular connections
on IPv6!?

2019-12-13T21:15:54.610268+01:00 wilnux5 stunnel: LOG5[5464]: Service [stunnel]
accepted connection from 92.222.75.253:38554


Thanks for testing!


Bye, Wilfred.

--- FMail-lnx64 2.1.0.18-B20170815
* Origin: FMail development HQ (2:280/464)

You are viewing proxied material from cvs.synchro.net. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.