Hello,
I have installed an IRCD chat server that requires login. port 7000 or 6697
I have purchased Wildcard SSL certificates to protect all subdomains.
No SSL certificates were found on REDACTED. Make sure that the name resolves to the correct server and that the SSL port (default is 443) is open on
your server's firewall.
When adding a subdomain to the chat through the mentioned port, the following error message appears:
Notice that the subdomain is fully protected. Is the picture clear? What is the solution?
Thank you
SSL certificates port 7000 or 6697 ?
Moderator: Supporters
Re: SSL certificates port 7000 or 6697 ?
The certificate and the key are configured via set::tls::certificate and set::tls::key.
Not all certificate checkers allow specifying the port, the simple ones only check port 443.
Use this one instead: https://www.sslshopper.com/ssl-checker.html and then fill in your hostname followed by :6697 for example irc.example.org:6697
Not all certificate checkers allow specifying the port, the simple ones only check port 443.
Use this one instead: https://www.sslshopper.com/ssl-checker.html and then fill in your hostname followed by :6697 for example irc.example.org:6697
Re: SSL certificates port 7000 or 6697 ?
Thank you Syzop
I did this work and the result is as follows?
irc.example.org:2083 ok 2087
irc.example.org:7000
irc.example.org resolves to 77.123.66.234
Server Type: Apache
No SSL certificates were found on irc.chatcool.net. Make sure that the name resolves to the correct server and that the SSL port (default is 443) is open on your server's firewall.
irc.example.org:6697
irc.example.org resolves to 77.123.66.234
Server Type: Apache
The certificate was issued by GlobalSign.
The certificate will expire in 382 days.
The hostname (irc.chatcool.net) is correctly listed in the certificate.
The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate. Learn more about this error. You can fix this by following GlobalSign's Certificate Installation Instructions for your server platform. Pay attention to the parts about Intermediate certificates.
Common name: *.example.org
SANs: *.example.org, example.org
Valid from December 12, 2024 to January 13, 2026
Serial Number: 437c0ba72cc37f8eda38389d
Signature Algorithm: sha256WithRSAEncryption
Issuer: GlobalSign GCC R6 AlphaSSL CA 2023
In the port 7000 I do not know the reason
But in the port 6697 it seems to me that there is an error in installing the intermediate certificate
Why does an error appear on port 7000?
I did this work and the result is as follows?
irc.example.org:2083 ok 2087
irc.example.org:7000
irc.example.org resolves to 77.123.66.234
Server Type: Apache
No SSL certificates were found on irc.chatcool.net. Make sure that the name resolves to the correct server and that the SSL port (default is 443) is open on your server's firewall.
irc.example.org:6697
irc.example.org resolves to 77.123.66.234
Server Type: Apache
The certificate was issued by GlobalSign.
The certificate will expire in 382 days.
The hostname (irc.chatcool.net) is correctly listed in the certificate.
The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate. Learn more about this error. You can fix this by following GlobalSign's Certificate Installation Instructions for your server platform. Pay attention to the parts about Intermediate certificates.
Common name: *.example.org
SANs: *.example.org, example.org
Valid from December 12, 2024 to January 13, 2026
Serial Number: 437c0ba72cc37f8eda38389d
Signature Algorithm: sha256WithRSAEncryption
Issuer: GlobalSign GCC R6 AlphaSSL CA 2023
In the port 7000 I do not know the reason
But in the port 6697 it seems to me that there is an error in installing the intermediate certificate
Why does an error appear on port 7000?
Re: SSL certificates port 7000 or 6697 ?
I hope you didn't wait a month for me to comment and tried that already.. or that you joined our irc channel to get help for thisThe certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate. Learn more about this error. You can fix this by following GlobalSign's Certificate Installation Instructions for your server platform. Pay attention to the parts about Intermediate certificates.
If you haven't fixed it yet, or for others: this about the certificate that is specified in set::tls::certificate or listen::tls-options::certificate.
Often when you order an SSL certificate you receive multiple certificate files:
- Your own certificate
- Intermediate/chain certificate(s)
- A "full chain", which is a combination of the above
You can also create the full chain by yourself by first putting your own certificate and then under that the intermediate/chain certificates (sometimes called bundle). That way, too, you will get the "full chain".
Like:
Code: Select all
-----BEGIN CERTIFICATE-----
..your certificate..
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
...the intermediate certificate...
-----END CERTIFICATE-----
With Let's Encrypt certbot your own certificate is called "cert.pem", the intermediate/chain is called "chain.pem" and the full chain is called "fullchain.pem". It would be fullchain.pem what you want.
With like Sectigo, your own certificate is called "irc_example_org.crt", the intermediate/chain is called "chain.crt"(?) and the full chain is like irc_example_org-fullchain.txt. It is that last file that you want.
Why port 7000 would be different I have no idea, depends on your unrealircd conf. However, for IRC the TLS standard port is 6697. And the old plaintext ports are 6667 and sometimes 7000. I would just get rid of the 7000 if I were you, it is only confusing since people would think it would be plaintext and not SSL/TLS.Why does an error appear on port 7000?