Getting SSL to work with INN

Forrest Aldrich forrie at forrie.com
Fri Sep 10 23:40:57 UTC 2004


Doesn't nnrpd have to be started well-after the innd process has 
completed?   This is stated somewhere in documentation... but again, 
very vaguely.

Why a different readers-ssl.conf?


Thanks.



Toon van der Pas wrote:

>For SSL-secured client NNTP session I run a stand-alone nnrpd daemon.
>It is started up at boot time from a separate init script.
>I give it the following commandline options:
>
>nnrpd -D -S -p 563 -c /usr/local/news/etc/readers-ssl.conf
>
>As you see I also give it it's own readers.conf file.
>
>Regards,
>Toon.
>
>On Thu, Sep 09, 2004 at 11:10:08PM -0400, Forrest Aldrich wrote:
>  
>
>>I've read through what I could find in the users archive, and on the 
>>net, and the manpages.
>>
>>It seems vague about how to get nntps running properly.
>>
>>I followed the instructions to generate a certificate (presumed 
>>self-signed).  It seems there are several options in sasl.conf. This is 
>>what I have:
>>
>>tls_ca_path:            /usr/local/news/lib
>>tls_cert_file:          /usr/local/news/lib/cert.pem
>>tls_key_file:           /usr/local/news/lib/cert.pem
>>tls_ca_file:            /usr/local/news/lib/cert.pem
>>
>>But some of the vague documentation suggests I might need to create an 
>>rc.news.local script and put nnrpd -S in there somewhere to get SSL 
>>working?
>>
>>Thanks.
>>    
>>



More information about the inn-workers mailing list