Unreal 6.1.5 with SSL from COMODO

[Chandro]

Hello, i have my server Unreal installed, and enabled the ssl port 6697 on config.

i try to create a letsencryp ssl but could not make it work. so what about if y purchase a SSL on comodo the cheapest one, and use it with the server? is possible? i try to find info how to make it work but i dont see how.

my server is for example: servidor.irc.com.xx so i purchase a SSL for that hostname.

the config for letsencrypt was:

listen {
ip *;
port 6697;
options { tls; }
tls-options {
certificate "/etc/letsencrypt/live/servidor.irc.com.xx/fullchain.pem";
key "/etc/letsencrypt/live/servidor.irc.com.xx/privkey.pem";
}
}

when do a rehas i have this error:

Code: Select all

unreal@servidor:~/unrealircd$ ./unrealircd rehash
[info] Rehashing server configuration file [./unrealircd rehash]
[info] Loading IRCd configuration..
[info] Testing IRCd configuration..
[error] Failed to load TLS private key /etc/letsencrypt/live/servidor.irc.com.xx/privkey.pem
[error] error:8000000D:system library::Permission denied
[error] error:10080002:BIO routines::system lib
[error] error:0A080002:SSL routines::system lib
[error] Failed to load TLS private key /etc/letsencrypt/live/servidor.irc.com.xx/privkey.pem
[error] error:8000000D:system library::Permission denied
[error] error:10080002:BIO routines::system lib
[error] error:0A080002:SSL routines::system lib
[error] Failed to load TLS private key /etc/letsencrypt/live/servidor.irc.com.xx/privkey.pem
[error] error:8000000D:system library::Permission denied
[error] error:10080002:BIO routines::system lib
[error] error:0A080002:SSL routines::system lib
[error] Failed to load TLS private key /etc/letsencrypt/live/servidor.irc.com.xx/privkey.pem
[error] error:8000000D:system library::Permission denied
[error] error:10080002:BIO routines::system lib
[error] error:0A080002:SSL routines::system lib
[error] Failed to load TLS private key /etc/letsencrypt/live/servidor.irc.com.xx/privkey.pem
[error] error:8000000D:system library::Permission denied
[error] error:10080002:BIO routines::system lib
[error] error:0A080002:SSL routines::system lib
[error] TLS Reload failed at listen::tls-options. See previous errors.
[info] Configuration loaded

maybe is an error, files are user readable.

Code: Select all

unreal@servidor:/etc/letsencrypt/live/servidor.irc.com.xx$ ls -l
total 4
lrwxrwxrwx 1 root   root    43 May  9 04:21 cert.pem -> ../../archive/servidor.irc.com.xx/cert1.pem
lrwxrwxrwx 1 root   root    44 May  9 04:21 chain.pem -> ../../archive/servidor.irc.com.xx/chain1.pem
lrwxrwxrwx 1 unreal unreal  48 May  9 04:21 fullchain.pem -> ../../archive/servidor.irc.com.xx/fullchain1.pem
lrwxrwxrwx 1 unreal unreal  46 May  9 04:21 privkey.pem -> ../../archive/servidor.irc.com.xx/privkey1.pem
-rw-r--r-- 1 root   root   692 May  9 04:21 README

maybe i am doing something wrong.

[Chandro]

ah nevermind, it worked when i create a SSL folder inside the CONF folder and then added the privkey and fullchain of the SSL purchased on comodo.

Code: Select all

unreal@servidor:~/unrealircd$ ./unrealircd rehash
[info] Rehashing server configuration file [./unrealircd rehash]
[info] Loading IRCd configuration..
[info] Testing IRCd configuration..
[info] Configuration loaded
Rehashed successfully.
unreal@servidor:~/unrealircd$

SSL-Alex is using a Secure Connection [TLSv1.3-TLS_CHACHA20_POLY1305_SHA256]
SSL-Alex is in security-groups: unknown-users,tls-and-known-users,tls-users
SSL-Alex is a Network Administrator

cheers!

[Syzop]

Perhaps too late right now, but still useful for when your cert at comodo expires a year from now (or for some other IRC server):
The docs at https://www.unrealircd.org/docs/Using_L ... UnrealIRCd explain how to use let's encrypt with unrealircd. It deals with the "Permission denied" issue by tweaking permissions... the bit with "If you skip this step then you will get Permission denied errors later on.".