Change ssl certificate

If your UnrealIRCd is up and running but you have a question about it, then use this forum.
(NOT for installation or connecting issues! Use the other forum instead.)

Moderator: Supporters

Locked
TaTHaR
Posts: 37
Joined: Wed Jan 28, 2015 3:28 pm

Change ssl certificate

Post by TaTHaR »

Hello,

when I was testing my new server I installed UnrealIRCD. Now that server is live for months already and updated to v4.0.10
When I tested I used an other server name like irc.blabla.com But now it is since its live irc.bleble.com (I dont wanna spam) :)
But now I wanted to use with a irc client SSL and it worked only the certificate is on the name of the test server. Is there a way to change the server name for the SSL certificate?

Best Regards, Herman.
Best Regards, Herman.
Syzop
UnrealIRCd head coder
Posts: 2112
Joined: Sat Mar 06, 2004 8:57 pm
Location: .nl
Contact:

Re: Change ssl certificate

Post by Syzop »

You can generate a new certificate by doing the following from your unrealircd sources directory (eg: /home/syzop/unrealircd-4.0.10)...

To generate the certificate:

Code: Select all

make pem
Then manually copy the necessary files (server.*.pem) to your conf/ssl of your installed unrealircd directory. In this example it assumes the sources directory is /home/syzop/unrealircd-4.0.10 and you installed UnrealIRCd to /home/syzop/unrealircd:

Code: Select all

cp /home/syzop/unrealircd-4.0.10/server.*.pem /home/syzop/unrealircd/conf/ssl/
(Or, if you are on Windows then replace the above two steps with: Start Menu -> UnrealIRCd 4 -> Make certificate)

Finally, on IRC while connected to this server do:

Code: Select all

/REHASH -ssl
This will load the new certificate.
TaTHaR
Posts: 37
Joined: Wed Jan 28, 2015 3:28 pm

Re: Change ssl certificate

Post by TaTHaR »

Hello Syzop,

thank you verry much for the clear answer :) It looks like it went okay but one more thing........
When in connect using ssl the certficate pops up with the correct info but I get this line:

Your connection to the server is encrypted, however there is a problem with the server's security certificate.

Is this an error and should it be fixed? If yes how? Or is it how it should be?

Best Regards, Herman.
Best Regards, Herman.
rcschaff
Posts: 53
Joined: Sun Jan 15, 2017 5:06 pm

Re: Change ssl certificate

Post by rcschaff »

Herman. That's because your certificates are self signed, and therefor not from a trusted root CA. If you don't want people to see the notices, you would have to buy a certificate from someone such as geotrust or verasign. Though this is not necessary, it's just a warning.
TaTHaR
Posts: 37
Joined: Wed Jan 28, 2015 3:28 pm

Re: Change ssl certificate

Post by TaTHaR »

Thanks for your reply rcschaff. I know enough.

Best regards, Herman.
Best Regards, Herman.
Locked