0004679: allow SSL certificates per-port

ID	Project	Category	View Status	Date Submitted	Last Update

0004679	unreal	ircd	public	2016-05-09 17:42	2017-09-09 16:19

Reporter	syzop	Assigned To	syzop
Priority	normal	Severity	feature	Reproducibility	always
Status	resolved	Resolution	fixed
Product Version	4.0.3.1
Fixed in Version	4.0.10

Summary	0004679: allow SSL certificates per-port
Description	Suggestion from ..: allow one to specify an SSL certificate for ports, eg: a serversonly port. This so you can use a long-lived self-signed certificate on server linking ports, and use short-lived letsencrypt SSL certificates on other ports. (Naturally then you need the same in link { } outgoing...) It would be one way to solve the problem letsencrypt creates with regards to using certificates for server linking. Not entirely sure if it's the best one. It's safer than falling back to IP blocks and passwords at least.
Tags	No tags attached.

3rd party modules

syzop 2016-12-29 08:40 administrator ~0019576 Last edited: 2016-12-29 08:40	Massive amount of work but... done. https://github.com/unrealircd/unrealircd/commit/aae0971cf497a2837970109026824edeced8c251 commit aae0971cf497a2837970109026824edeced8c251 Author: Bram Matthys <[email protected]> Date: Thu Dec 29 08:37:15 2016 +0100 Add the ability to set specific ssl options in listen blocks and link blocks. This allows you to for example specify a specific certificate/key on an serversonly port and in link block (a self-signed 10 year valid certificate) and use a short-lived (XX day) Let's Encrypt certificate on the other ports. And several other uses, of course. Will write a wiki article on let's encrypt...

Date Modified	Username	Field	Change
2016-05-09 17:42	syzop	New Issue
2016-12-29 08:40	syzop	Assigned To	=> syzop
2016-12-29 08:40	syzop	Status	new => resolved
2016-12-29 08:40	syzop	Resolution	open => fixed
2016-12-29 08:40	syzop	Fixed in Version	=> 4.0.10
2016-12-29 08:40	syzop	Note Added: 0019576
2016-12-29 08:40	syzop	Note Edited: 0019576