Page 1 of 1
Can't connect to my IRC server through SSL port 7501; connection dropped.
Posted: Fri Jul 10, 2020 2:39 pm
by SeedySeed
Hi,
I'm running UnrealIRCd 5.0.5.1 under Ubuntu 20.04.
Using MegaIRC, I can connect to my server (live.houseoffireseed.ml) just fine on port 6667, but when I try to connect through SSL port 7501, the server seems to straight-up drop the connection.
My unrealircd.conf file can be found at
https://houseoffireseed.ml/downs/unrealircd.conf
The SSL certificates I'm using are ones obtained from LetsEncrypt.
Re: Can't connect to my IRC server through SSL port 7501; connection dropped.
Posted: Sat Jul 11, 2020 4:24 am
by PeGaSuS
Hello.
1) Does your IRC client has support for SSL/TLS (it seems to be old and no more developed)?
2) Did you tried to use a more modern client like AdiIRC or HexChat?
3) Did you checked if you or your server are behind some firewall restrictions (although unlikely on the server end)?
4) Try to use a more standard port, like 6697?
Cheers!
Re: Can't connect to my IRC server through SSL port 7501; connection dropped.
Posted: Sat Jul 11, 2020 7:17 am
by Syzop
Works fine for me, port 7501 with SSL/TLS.
Could test with another client and see if that one works with SSL/TLS? Like,
Hexchat or mIRC.
These clients should give you a proper error message. If the issue persists, let us know the error message.
To fully diagnose it is usually best to have an extra client connected and /OPER'ed up, then set snomask eyes and junk on it (MODE yournick +s +ej) and have the other client connect that has problems. You will probably see some server notice then, which may help as well, especially if the client is not very clear about what is wrong.
Re: Can't connect to my IRC server through SSL port 7501; connection dropped.
Posted: Sat Jul 11, 2020 7:25 am
by Syzop
(See also previous answer with regards to testing with other clients and getting more debug information from the server side.)
I do see one thing "wrong" now, if I enter live.houseoffireseed.ml:7501 at
https://www.sslshopper.com/ssl-checker.html. It gives a warning about the intermediate certificate not being included. You can compare the result with irc.unrealircd.org:6697 (which also uses Let's Encrypt) which does not have this warning.
I presume you have followed
https://www.unrealircd.org/docs/Using_L ... UnrealIRCd ?
As you can see there, you need:
Code: Select all
/* Standard IRC SSL/TLS port 6697 */
listen {
ip *;
port 6697;
options { tls; };
tls-options {
certificate "/etc/letsencrypt/live/irc.example.org/fullchain.pem";
key "/etc/letsencrypt/live/irc.example.org/privkey.pem";
};
};
Note the value of listen::tls-options::certificate, it points to
fullchain.pem. I wonder if perhaps in your case you you accidentally used cert.pem. Try changing it to fullchain.pem and then do both a "/REHASH" and also a "/REHASH -tls" and see if it helps.