1. Forum
  2. DOVE-Net
  3. Synchronet Discussion

  • Location of SSL / Let's Encrypt SSL certs

    From Amessyroom@VERT/TL-QWK to All on Sun Mar 9 23:01:30 2025
    I have changed my configuration to use a reverse proxy.

    My RP setup also includes certbot, and renews my
    certificates.

    It seems from https URL the latest cert is being used.

    But from synchronet services, when I try to access imaps
    I get TLS errors due to expiration 1/1/2025.


    If I check cert by browser for https, it expires in 4/2025.

    How can I make synchronet use the certs generated by
    certbox, in my RP?

    What is the default locations of the certs normally used by
    synchronet? Could I symlink the "certbot" certs to the
    expected location, or would I have to copy them there ?
    ---
    Amessyroom
    toolazy.synchro.net:2323 (telnet)

    ---
    þ Synchronet þ Too Lazy BBS - toolazy.synchro.net:2323
  • From Digital Man@VERT to Amessyroom on Mon Mar 10 12:12:26 2025
    Re: Location of SSL / Let's Encrypt SSL certs
    By: Amessyroom to All on Sun Mar 09 2025 11:01 pm

    How can I make synchronet use the certs generated by
    certbox, in my RP?

    You can import and export the certficate that Synchronet uses using the certtool:
    https://wiki.synchro.net/module:certtool

    What is the default locations of the certs normally used by
    synchronet?

    ctrl/ssl.cert

    Could I symlink the "certbot" certs to the
    expected location, or would I have to copy them there ?

    I don't think the "certbot" cert would be in the same format.
    --
    digital man (rob)

    This Is Spinal Tap quote #27:
    As long as there's, y'know, sex and drugs, I can do without the rock and roll. Norco, CA WX: 69.7øF, 32.0% humidity, 6 mph W wind, 0.00 inches rain/24hrs
    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Amessyroom@VERT/TL-QWK to Digital Man on Mon Mar 10 18:47:25 2025
    Re: Location of SSL / Let's Encrypt SSL certs
    By: Digital Man to Amessyroom on Mon Mar 10 2025 12:12 pm

    I tried importing the let's encrypt fullchain file, and got
    the following error.

    Made sure there was a blank line between
    BEGIN / END segments as described in wiki.

    sbbs@vmi1943160 toolazy.synchro.net]$ jsexec /sbbs/exec/certtool.js --import fullchain2.pem

    JSexec v3.20e-Linux master/85f4b96fc - Execute Synchronet JavaScript Module Compiled Mar 07 2025 23:05 with GCC 11.5.0

    Loading configuration files from /home/sbbs/ctrl
    JavaScript-C 1.8.5 2011-03-31
    JavaScript: Creating runtime: 167772160 bytes

    Reading script from /sbbs/exec/certtool.js
    /sbbs/exec/certtool.js compiled in 0.00 seconds
    !JavaScript /sbbs/exec/certtool.js line 70: Error: CryptLib error -43 /sbbs/exec/certtool.js executed in 0.03 seconds
    !Module (/sbbs/exec/certtool.js) set exit_code: 1

    JavaScript: Destroying context
    JavaScript: Destroying runtime

    Returning error code: 1
    [sbbs@vmi1943160 toolazy.synchro.net]$

    Any suggestions, or indication what the error is telling me?
    ---
    Amessyroom
    toolazy.synchro.net:2323 (telnet)

    ---
    þ Synchronet þ Too Lazy BBS - toolazy.synchro.net:2323
  • From Digital Man@VERT to Amessyroom on Mon Mar 10 20:43:01 2025
    Re: Location of SSL / Let's Encrypt SSL certs
    By: Amessyroom to Digital Man on Mon Mar 10 2025 06:47 pm

    !JavaScript /sbbs/exec/certtool.js line 70: Error: CryptLib error -43
    Any suggestions, or indication what the error is telling me?

    $ grep "\-43" sbbs/3rdp/src/cl/cryptlib.h
    #define CRYPT_ERROR_NOTFOUND ( -43 ) /* Requested item not found in object */

    Sounds like the file you're trying to import isn't in the correct format.
    --
    digital man (rob)

    This Is Spinal Tap quote #45:
    I don't really think the end can be assessed as of itself as being the end Norco, CA WX: 57.3øF, 44.0% humidity, 3 mph WNW wind, 0.00 inches rain/24hrs ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net