INN with SSL encryption

Julien ÉLIE julien at trigofacile.com
Fri Feb 29 18:08:46 UTC 2008


Hi Gabi,

>> I have just tried and unfortunately neither Outlook Express/Windows Mail
>> nor Thunderbird currently know how to use STARTTLS with NNTP (but with POP
>> and SMTP, they do).
>
> We have a working serversystem with FreeBSD 6.3 and innd with SSL
> activated. Working clients are: Thunderbird 2.x, XanaNews (tested).
> Clients connect through port 563 with accepting certificate
> first.

If they accept certificates first, STARTTLS is not used to initiate the
secured connection.


> But for now, i cannot say which flags have to be set for compilation.

--with-openssl
And nnrpd is started with the -S flag for the behaviour you describe.

In fact, what should be implemented is:

19:05 iulius at zen ~% telnet news.trigofacile.com 119
Trying 2001:41d0:1:6d44::1...
Connected to news.trigofacile.com.
Escape character is '^]'.
201 news.trigofacile.com InterNetNews NNRP server INN 2.5.0 (20080214 prerelease) ready (no posting).
STARTTLS
382 Begin TLS negotiation now
test
quit
580 Starttls failed
quit
205 .
Connection closed by foreign host.


That is to say not a SSL connection from the beginning.

Regards,

-- 
Julien ÉLIE

« -- C'est joli cette avenue le long de la mer... Ça s'appelle comment ?
  -- La promenade des Bretons. » (Astérix) 



More information about the inn-workers mailing list