View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0006021 | unreal | ircd | public | 2021-12-07 04:42 | 2021-12-29 08:47 |
| Reporter | arcanefeenix | Assigned To | |||
| Priority | normal | Severity | feature | Reproducibility | always |
| Status | acknowledged | Resolution | open | ||
| Platform | Linux | OS | Debian | OS Version | 11.1 |
| Product Version | 6.0.0-rc2 | ||||
| Summary | 0006021: spkifp command does not honor non-standard cert/key names/locations | ||||
| Description | When running `./unrealircd spkifp`, it stated: Could not open certificate: /home/csrv/unrealircd/conf/tls/server.cert.pem With our setup, we have the cert/key in the same directory but it is not named the same. This was specified in the unrealircd.conf file with the set::tls::certificate and set::tls::key directives. It seems like this value is either hardcoded or it is not reading the config first and accepting defaults. | ||||
| Steps To Reproduce | Configure UnrealIRCd with the set::tls::certificate and set::tls::key directives pointing to different locations/filenames and run `./unrealircd spkifp` | ||||
| Tags | conf, spkifp, SSL | ||||
| 3rd party modules | |||||
|
|
Right now it doesn't parse the config file, in fact it doesn't run the unrealircd binary at all.. it uses openssl to generate the spkifp. So yeah. Fortunately it clearly prints the file that the spkifp is generated for at the top, so that's good. I'm going to leave it as a feature request for now. Oh, and, just so you know, you can specify a file as an argument explicitly: ./unrealircd spkifp conf/tls/mynicecert.pem |
|
|
That is good to know. Maybe that can be added to the documentation as a workaround for now. |
|
|
CrazyCat hit this issue as well in 0006040. Until a final fix (which may not be soon) I have updated the documentation / output, which should help a lot. Thanks for that suggestion. In current git, future 6.0.1, it now shows this: $ ./unrealircd spkifp NOTE: This script uses the default certificate location (any set::tls settings are ignored). If this is not what you want then specify a certificate explicitly via: ./unrealircd spkifp conf/tls/example.pem [.. and then the regular output..] Commit: https://github.com/unrealircd/unrealircd/commit/fa5526a44bc956ed6473c2316519225f0dad9dfd |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2021-12-07 04:42 | arcanefeenix | New Issue | |
| 2021-12-07 04:42 | arcanefeenix | Tag Attached: conf | |
| 2021-12-07 04:42 | arcanefeenix | Tag Attached: spkifp | |
| 2021-12-07 04:42 | arcanefeenix | Tag Attached: SSL | |
| 2021-12-08 07:24 | syzop | Severity | minor => feature |
| 2021-12-08 07:24 | syzop | Note Added: 0022240 | |
| 2021-12-08 07:25 | syzop | Note Edited: 0022240 | |
| 2021-12-08 09:30 | arcanefeenix | Note Added: 0022241 | |
| 2021-12-28 18:20 | syzop | Relationship added | has duplicate 0006040 |
| 2021-12-28 18:33 | syzop | Note Added: 0022310 | |
| 2021-12-28 18:34 | syzop | Note Edited: 0022310 | |
| 2021-12-28 18:34 | syzop | Note Edited: 0022310 | |
| 2021-12-28 18:34 | syzop | Note Edited: 0022310 | |
| 2021-12-28 18:35 | syzop | Note Edited: 0022310 | |
| 2021-12-29 08:47 | syzop | Status | new => acknowledged |
