1. Forum
  2. Fidonet
  3. SYNC SYSOPS

  • Non-Let's Encrypt Certificates

    From Dream Master@1:103/705 to Digital Man on Wed Feb 24 21:34:17 2021
    I've been sitting here most of the evening playing with IMAP and noticed that it is specifying the self-signed certificate during IMAP sessions instead of the LetSyncrypt generated cert. Although I'm going to read, "Reach out to Deuce" because I mentioned IMAP, I'm curious about using some other CA for certificate purposes for webv4 (echicken) or anything else.

    Do I need to use a proxy for this or can this be integrated directly into Synchronet?

    Thanks in advance!

    Brian Klauss <-> Dream Master
    Caught in a Dream | caughtinadream.com a Synchronet BBS

    ---
    þ Synchronet þ Caught in a Dream - caughtinadream.com
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Digital Man@1:103/705 to Dream Master on Wed Feb 24 21:51:10 2021
    Re: Non-Let's Encrypt Certificates
    By: Dream Master to Digital Man on Wed Feb 24 2021 09:34 pm

    I've been sitting here most of the evening playing with IMAP and noticed that it is specifying the self-signed certificate during IMAP sessions instead of the LetSyncrypt generated cert.

    According to Deuce, that's not possible unless your LetsEncrypt cert got deleted some how.

    Although I'm going to read,
    "Reach out to Deuce" because I mentioned IMAP, I'm curious about using some other CA for certificate purposes for webv4 (echicken) or anything else.

    Well Deuce is also the LetSyncrypt expert.

    Do I need to use a proxy for this or can this be integrated directly into Synchronet?

    You shouldn't. All TLS services in Synchronet should be using the same certificate (whether its self-signed or not). We don't even have support for multiple certificates.
    --
    digital man

    Synchronet/BBS Terminology Definition #84:
    UDP = User Datagram Protocol
    Norco, CA WX: 55.0øF, 63.0% humidity, 0 mph SW wind, 0.00 inches rain/24hrs
    --- SBBSecho 3.13-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Tracker1@1:103/705 to Dream Master on Thu Feb 25 18:01:06 2021
    On 2/24/2021 9:34 PM, Dream Master wrote:
    I've been sitting here most of the evening playing with IMAP
    and noticed that it is specifying the self-signed certificate
    during IMAP sessions instead of the LetSyncrypt generated cert.
    Although I'm going to read, "Reach out to Deuce" because I
    mentioned IMAP, I'm curious about using some other CA for
    certificate purposes for webv4 (echicken) or anything else.

    Do I need to use a proxy for this or can this be integrated
    directly into Synchronet?

    In a similar sitution, I just moved the BBS to a different,
    dedicated VPS (host.roughneckbbs.com) and have the web
    proxy via a separate server. Only issue I had is needed to
    edit all the locations where ftelnet are in the web UI to
    connect to the different hostname than the web UIs are
    using.
    --
    Michael J. Ryan (tracker1)
    +o roughneckbbs.com
    ---
    ï¿­ Synchronet ï¿­ Roughneck BBS - roughneckbbs.com
    --- SBBSecho 3.13-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)