INN with SSL encryption

Julien ÉLIE julien at
Wed Jun 11 21:25:14 UTC 2008

Hi David,

> speaking about SSL, how can turn on nnrpd with -S and -p 563 when using a
> distribution rpm (CentOS5.1) with /etc/init.d/innd script (which seems to
> calls script).

If you wish to use TLS/SSL for your readers, you need to start a second nnrpd to
listen to these connections to NNTPS port 563 and put something like that in your
init scripts:

    su news -c '/usr/local/news/bin/nnrpd -D -c /usr/local/news/etc/readers-ssl.conf -p 563 -S'

where readers-ssl.conf is the file which indicates whether a given connection
is allowed to read and post news (you can also use the previously created readers.conf
file to handle TLS/SSL connections).  Note that a news client which supports the STARTTLS
command can also use the conventional NNTP port 119 to initiate a TLS connection.
However, such clients are not widespread yet.

In the shutdown section of the init script, you can put:

    start-stop-daemon --stop --name nnrpd --quiet --oknodo

or if you do not have a start-stop-daemon utility:

    su news -c 'killall nnrpd'

> Is there a way to configure it through config files in /etc , or need to
> change something for nnrpd, i have check init.d scripts and they do not
> contain any mentioning about nnrpd.

I think it answers your question.

Julien ÉLIE

« -- Ils transportent une arme secrète dans un tonneau !
  -- La cervoise tiède !!!
  -- Non, ça c'est une arme connue. » (Astérix)

More information about the inn-workers mailing list