nnrpd: can't bind (Invalid argument)

Jim Davis jdavis at CS.Arizona.EDU
Mon Sep 13 22:06:51 UTC 2004


Forrest Aldrich wrote:
> For nnrpd+ssl I installed a self-signed cert.   I went to test and I see 
> this in the logs:
> 
> 
> Sep 13 13:51:17 news nnrpd[30442]: error initializing TLS: [CA_file: 
> /usr/local/news/lib/cert.pem] [CA_path: /usr/local/news/lib] [cert_file: 
> /usr/local/news/lib/cert.pem] [key_file: /usr/local/news/lib/cert.pem]

We're using self-signed certs too -- as with anything SSL the file 
permissions are fussy.  Something like

-rw-------  1 news  news  2335 Jan 21  2004 /usr/local/news/lib/cert.pem

works here.  Well,  my news client (Mozilla Thunderbird) grumbles about 
the self-signed nature, but after telling it to accept the certificate 
everything's copasetic.


> Sep 13 13:52:35 news nnrpd[30448]: starttls: TLSv1 with cipher 
> DHE-RSA-AES256-SHA (256/256 bits) no authentication
> Sep 13 13:52:35 news nnrpd[30448]: myserver.com (xx.xx.xx.106) connect
> 
> It's not clear to me that SSL is working with the message "no 
> authentication".  How can we tell if this is actually working and not 
> falling back to normal nnrpd.

Running tcpdump -i your-favorite-interface tcp port 563 on the server 
should show traffic (or not).



More information about the inn-workers mailing list