INN and OpenSSL 0.9.7

Erik Klavon erik at eriq.org
Thu Jan 2 18:36:06 UTC 2003


Greetings

While upgrading to the newest release of OpenSSL today, I encountered
a problem with nnrpd in CURRENT. My previous sasl.conf was:

tls_ca_path:            /news/lib
tls_cert_file:          /news/lib/thawte.pem
tls_key_file:           /news/lib/thawte.pem

(The file thawte.pem is just the private key and certificate
cated). This was using 0.9.6h. After upgrading to OpenSSL 0.9.7, this
config failed to work with the following line logged:

error initializing TLS: [CA_file: ] [CA_path: /news/lib] [cert_file:
/news/lib/thawte.pem] [key_file: /news/lib/thawte.pem]). 

Changing my sasl.conf to

tls_ca_path:            /news/lib
tls_cert_file:          /news/lib/thawte.crt
tls_key_file:           /news/lib/thawte.key

fixed the problem. I tried using this same config with the older
version of nnrpd using the previous version of OpenSSL, and it
failed in the same way as above. 

I did cvsup CURRENT before this upgrade, replacing a version from
around Dec 16th. Not sure if this is a bug, but the workaround is easy
enough.

Erik

-- 
erik         | "It is idle to think that, by means of words, | Maurice
  kl at von     | any real communication can ever pass | Maeterlinck
    eriq.org | from one [human] to another." | Silence


More information about the inn-workers mailing list