3.2.2b to 3.2.2b SSL (Win32)

DigitalDJ · Post by **DigitalDJ** » Sat Jan 29, 2005 4:24 am

Ok.

I started off with 3.2.2b SSL for Win32, setup the config file and all.

In the service.log I got -

* Loading IRCd configuration ..
* Configuration loaded without any problems ..

Which was great but the ircd.log reported NOTHING at all. I started up mIRC, tried to connect and got Connection Refused.

I went through the config file for hours trying to think what the hell was wrong and I couldn't figure it out so I tried out the Non-SSL build. BAM! It instantly worked without even editing the config file.

Went back to the SSL build and redid the config from scratch editing as little as possible to make it work and still no go.

Does ANYONE have any idea whats going on here? I've spent hours trying to figure it out and I couldn't seem to find anything here on the forums or the FAQ.

Ps. When I connected I was connecting through non-SSL ports, I tried SSL ports and still nothing. Nothing gave any errrors (ircd.log and service.log were clean).

codemastr · Post by **codemastr** » Sat Jan 29, 2005 5:00 am

Did you generate an SSL keypair?

DigitalDJ · Post by **DigitalDJ** » Sat Jan 29, 2005 5:45 am

thats running the makecert.bat and then encpem.bat file yes? then yes i have

just to make sure, what do i put in the set:ssl block? at the moment i have:

ssl {
certificate server.cert.pem;
key server.key.pem;
options {
verify-certificate;
};
};

i re-ran these bat files and they outputed the following files:

server.key.pem
ssl.rnd
server.cert.pem
server.req.pem
server.key.c.pem

but doesnt work :/

thanks for helping

DigitalDJ · Post by **DigitalDJ** » Sun Jan 30, 2005 6:48 am

nothing? :/

McTerry · Post by **McTerry** » Sun Jan 30, 2005 12:55 pm

Do you have this in your configfile?

ssl {
egd "~/entropy"; // Reads entropy from the domain socket located at '~/entropy'
};

If you have try turning this off by adding some of the comment brackets.
But It shouldn't be this thing that casues it.

I'm currently running the non SSL version if you ask me.

DigitalDJ · Post by **DigitalDJ** » Sun Jan 30, 2005 1:05 pm

it wasnt in my config file...

i tried putting it in...still didnt work :/

McTerry · Post by **McTerry** » Sun Jan 30, 2005 1:08 pm

I'm a noob my self on SSL. hehe. But one day I will install it.

Dukat · Post by **Dukat** » Sun Jan 30, 2005 2:32 pm

Have you tried without

Code: Select all

 options {
verify-certificate;
};

DigitalDJ · Post by **DigitalDJ** » Sun Jan 30, 2005 9:28 pm

No Go...

i installed it as a service and it seems that it loads as a process but the bar that tells you how much it is ocmpleted locks up and gives an error saying it terminated unexpectedly. No errors in the event log either.

codemastr · Post by **codemastr** » Sun Jan 30, 2005 9:36 pm

It sounds like you have encrypted the SSL certificate - don't do that.

DigitalDJ · Post by **DigitalDJ** » Mon Jan 31, 2005 4:20 am

i did, but why cant i encrypt it ? :/

i just reisntalled SSL and did not encrypt it - it worked!

thanks for that

is there anyway i can run it with an encrypted certificate - wouldnt it be more secure?

McTerry · Post by **McTerry** » Mon Jan 31, 2005 4:33 pm

Cool. I never knew that. I think you can't encrypt it becouse Unreal IRCd wont be able to access the SSL data.
I'm not sure but thats what I think. It should however be encrypted for other USERS outside the server.

Ron2K · Post by **Ron2K** » Mon Jan 31, 2005 5:49 pm

My experiences running Win32-SSL as an NT Service with an encrypted cert have been unsuccessful. Every time.

aquanight · Post by **aquanight** » Tue Feb 01, 2005 12:17 am

Because Unreal has to ask you for the SSL cert password to use it. And running as an NT Service means it can't ask for that password.

DigitalDJ · Post by **DigitalDJ** » Tue Feb 01, 2005 2:49 am

but if i dont run it as a service it still doesnt work.