INN with SSL encryption
Julien ÉLIE
julien at trigofacile.com
Wed Jun 11 21:25:14 UTC 2008
Hi David,
> speaking about SSL, how can turn on nnrpd with -S and -p 563 when using a
> distribution rpm (CentOS5.1) with /etc/init.d/innd script (which seems to
> calls rc.news script).
http://www.eyrie.org/~eagle/software/inn/docs/install.html#S14
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
If you wish to use TLS/SSL for your readers, you need to start a second nnrpd to
listen to these connections to NNTPS port 563 and put something like that in your
init scripts:
su news -c '/usr/local/news/bin/nnrpd -D -c /usr/local/news/etc/readers-ssl.conf -p 563 -S'
where readers-ssl.conf is the file which indicates whether a given connection
is allowed to read and post news (you can also use the previously created readers.conf
file to handle TLS/SSL connections). Note that a news client which supports the STARTTLS
command can also use the conventional NNTP port 119 to initiate a TLS connection.
However, such clients are not widespread yet.
In the shutdown section of the init script, you can put:
start-stop-daemon --stop --name nnrpd --quiet --oknodo
or if you do not have a start-stop-daemon utility:
su news -c 'killall nnrpd'
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Is there a way to configure it through config files in /etc , or need to
> change something for nnrpd, i have check init.d scripts and they do not
> contain any mentioning about nnrpd.
I think it answers your question.
--
Julien ÉLIE
« -- Ils transportent une arme secrète dans un tonneau !
-- La cervoise tiède !!!
-- Non, ça c'est une arme connue. » (Astérix)
More information about the inn-workers
mailing list