- Oct 07, 2022
-
-
Rob Swindell authored
Per Deon (ALTERANT) via DOVE-Net: Oct 7 09:47:16 d-11-1 synchronet: srvc 0060 BINKPS connection accepted from: 2402:1f00:8101:b3c:1000::2 port 55338 Oct 7 09:47:16 d-11-1 synchronet: srvc 0060 BINKPS TLS ERROR 'Server certificate has expired' (-3) setting private key Oct 7 09:47:16 d-11-1 synchronet: srvc 0060 BINKPS TLS ERROR 'Data has not been initialised' (-11) setting session active Which was odd, because my cert was renewed. I forced renewed it, and confirmed it was valid, but they were still failing. I noticed that letsyncrypt only recycles the web, which is probably the issue. Once I recycled everything, binkps connections started working again.
-
- Dec 31, 2021
-
-
Rob Swindell authored
Reported by Compctech via DOVE-Net: "On a side note, I had to modify the letsyncrypt.js file to get letsencrypt to work. I had to add a / before .well-known on lines 86 - 89 & 96." I'm guessing this is because his sbbs.ini [Web] RootDirectory wasn't terminated with a slash.
-
- Mar 10, 2021
-
-
Deucе authored
Just delete the old private key and create a new one for the new host.
-
- Jan 25, 2021
-
-
Deucе authored
Get both the webroot and web hostname from sbbs.ini rather than use system.inet_addr. system.inet_addr is configured in the messages section, so it's implied that it's for email addresses. Also, allow configuring the sysop email address with the SysopEmail global key in the ini file. This is a cleanup and duplicate of !82
-
- Jan 01, 2021
-
-
Deucе authored
-
- Aug 16, 2020
-
-
Rob Swindell authored
-
- Jul 24, 2019
-
-
rswindell authored
When set to true, enables group read permissions on the ssl.cert file (using the new file_chmod() global function).
-
- Dec 25, 2018
-
-
rswindell authored
-
- Mar 28, 2018
-
-
deuce authored
-
- Mar 13, 2018
-
-
deuce authored
with Synchronet.
-
- Mar 02, 2018
-
-
deuce authored
certificate is generated.
-
- Feb 28, 2018
- Feb 27, 2018
-
-
deuce authored
-
deuce authored
have a third of their total lifetime left". Do that.
-
deuce authored
-
deuce authored
Fixes bug where the key ID would be taken from the staging server.
-
deuce authored
-
deuce authored
Basically, prepare to split the script into various functions and stuff... that var list is silly.
-
deuce authored
-
- Feb 26, 2018
-
-
deuce authored
-
deuce authored
-
deuce authored
-
deuce authored
with a CSR.
-
deuce authored
an update of the Host has changed. Delete Staging value since it's not used anymore.
-
deuce authored
-
deuce authored
Give the certchain a different name from the private key so we can safely delete it without losing the private key too. Don't hold the keyset open while waiting for a CSR to be renewed.
-
- Feb 25, 2018
-
-
deuce authored
-
- Feb 24, 2018
-
-
deuce authored
isn't going to happen. Also, add more errors, especially when a certificate is installed, but the state data can't be updated. That (very unlikely - some would say impossible) situation will result in a new cert being requested every time the script is ran (ideally every day), and likely running into throttling issues.
-
deuce authored
-
deuce authored
an error. If LetSyncrypt does create it, add a webctrl.ini file that removes access restrictions so that the file can be validated.
-
deuce authored
-
deuce authored
when they're 30 days old.
-
deuce authored
ssl.cert and generate a new key. The defl-signed certificates are 1536 bits, so cannot be reused for Let's Encrypt.
-
deuce authored
-
deuce authored
Modify ctrl/letsyncrypt.ini and in the Domains section, add the web root for each domain in the format: example.com=/sbbs/web/root If the list of domains changes, a new certificate will be generated next time letsyncrypt runs. You DO NOT need to specify the domains if you only need to support the single host system.inet_addr.
-
deuce authored
-
deuce authored
-
deuce authored
-
- Feb 23, 2018
-
-
deuce authored
run this as a daily event.
-