HI,
I don't know the solution to enter security. All attempts have failed.
/* Standard IRC SSL/TLS port 6697 */
listen {
ip *;
port 6697;
options { tls; }
tls-options {
certificate "/home/keme/unrealircd/conf/tls/server.cert.pem";
key "/home/keme/unrealircd/conf/tls/server.key.pem";
}
https://www.sslshopper.com/ssl-checker.html
This error appears?
irc.meme.com resolves to 88.88.222.222
Server Type: Apache
The certificate will expire in 3649 days.
The hostname (irc.meme.com) is correctly listed in the certificate.
The certificate is self-signed. Users will receive a warning when accessing this site unless the certificate is manually added as a trusted certificate to their web browser. You can fix this error by buying a trusted SSL certificate
ommon name: irc.keme.com
Organization: IRC Org. Unit: IRCD
Location: ou, mi, uw
Valid from September 20, 2024 to September 18, 2034
Serial Number: 2045c307196ff2ub2f4b0aeacs308x1ew397r
Signature Algorithm: ecdsa-with-SHA256
Issuer: irc.keme.com
What is the solution? The certificate is subject to the control panel. Do I have to buy a certificate or is the free control panel certificate sufficient? What is the solution? Thanks everyone.
How to login securely ؟ SSL/TLS
Moderator: Supporters
Re: How to login securely ؟ SSL/TLS
It seems you are using a self-signed certificate. This is okay for server-to-server connections, but your users client's will try to verify the certificate. A self-signed certificate is not considered valid.
To fix this problem, you can obtain a real certificate (for free) by following the instructions on this page.
To fix this problem, you can obtain a real certificate (for free) by following the instructions on this page.
Got an idea for a module? Don't be shy! Come talk to me on #unreal-support
Like the support I provide? Consider supporting me with a donation.
Like the support I provide? Consider supporting me with a donation.
Re: How to login securely ؟ SSL/TLS
Thanks Valware
irc.keme.com resolves to 88.99.141.226
Server Type: Apache
The certificate should be trusted by all major web browsers (all the correct intermediate certificates are installed).
The certificate will expire in 88 days.
The hostname (irc.zerfoon.com) is correctly listed in the certificate.
Common name: www.irc.keme.com
SANs: *.zerfoon.com, www.irc.keme.com
Valid from September 22, 2024 to December 21, 2024
Serial Number: 04e5afa2257f1ca83d0b5c5c3951d12ca01d
Signature Algorithm: sha256WithRSAEncryption
Issuer: R10
Common name: R10
Organization: Let's Encrypt
Location: US
Valid from March 12, 2024 to March 12, 2027
Serial Number: 4ba85293f79a2fa273064ba8048d75d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: ISRG Root X1
ok
Works great but when adding the port it shows an error
irc.keme.com:6697
he certificate is self-signed. Users will receive a warning when accessing this site unless the certificate is manually added as a trusted certificate to their web browser. You can fix this error by buying a trusted SSL certificate
Common name: irc.keme.com
Organization: IRC Org. Unit: IRCD
Location: kw
Valid from September 22, 2024 to September 20, 2034
Serial Number: 73ba3a15d19de251d53e7a3b857587ef0f00cef4
Signature Algorithm: ecdsa-with-SHA256
Issuer: irc.keme.com
irc.keme.com resolves to 88.99.141.226
Server Type: Apache
The certificate should be trusted by all major web browsers (all the correct intermediate certificates are installed).
The certificate will expire in 88 days.
The hostname (irc.zerfoon.com) is correctly listed in the certificate.
Common name: www.irc.keme.com
SANs: *.zerfoon.com, www.irc.keme.com
Valid from September 22, 2024 to December 21, 2024
Serial Number: 04e5afa2257f1ca83d0b5c5c3951d12ca01d
Signature Algorithm: sha256WithRSAEncryption
Issuer: R10
Common name: R10
Organization: Let's Encrypt
Location: US
Valid from March 12, 2024 to March 12, 2027
Serial Number: 4ba85293f79a2fa273064ba8048d75d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: ISRG Root X1
ok
Works great but when adding the port it shows an error
irc.keme.com:6697
he certificate is self-signed. Users will receive a warning when accessing this site unless the certificate is manually added as a trusted certificate to their web browser. You can fix this error by buying a trusted SSL certificate
Common name: irc.keme.com
Organization: IRC Org. Unit: IRCD
Location: kw
Valid from September 22, 2024 to September 20, 2034
Serial Number: 73ba3a15d19de251d53e7a3b857587ef0f00cef4
Signature Algorithm: ecdsa-with-SHA256
Issuer: irc.keme.com
Re: How to login securely ؟ SSL/TLS
Right, so you have loaded a good certificate in Apache but not in UnrealIRCd. The guide that Valware referred you to has instructions on how to load the certificate correctly in UnrealIRCd.
Usually you only have UnrealIRCd on the machine and not also a webserver like Apache. If that is the case (only UnrealIRCd, certbot not set up yet) then just follow the entire guide.
If you already have certbot+apache set up on the same box as unrealircd then you could read only the following two subsections: Tweaking permissions on the key file and Updating your listen blocks. Note that you will be missing out on the automatic rehashing on certificate renewal (unless you update certbot to run that hook mentioned in the guide). Also, we generally recommend running UnrealIRCd on an isolated machine so it is not affected by security mistakes in like web code (PHP/etc) which are kinda widespread. Of course if you don't really care about that (e.g. you are just playing around) or can't afford it then that's up to you.
Usually you only have UnrealIRCd on the machine and not also a webserver like Apache. If that is the case (only UnrealIRCd, certbot not set up yet) then just follow the entire guide.
If you already have certbot+apache set up on the same box as unrealircd then you could read only the following two subsections: Tweaking permissions on the key file and Updating your listen blocks. Note that you will be missing out on the automatic rehashing on certificate renewal (unless you update certbot to run that hook mentioned in the guide). Also, we generally recommend running UnrealIRCd on an isolated machine so it is not affected by security mistakes in like web code (PHP/etc) which are kinda widespread. Of course if you don't really care about that (e.g. you are just playing around) or can't afford it then that's up to you.