Subj : Re: Binkd and TLS
To   : Tommi Koivula
From : Wilfred van Velzen
Date : Fri Dec 13 2019 09:37 pm

Hi Tommi,

On 2019-12-13 22:16:42, you wrote to me:

 TK>>> binkps.conf:

 TK>>> client=no
 TK>>> cert=/etc/letsencrypt/live/news.fidonet.fi/web.pem
 TK>>> connect=127.0.0.1:24554

 WV>> I had to do this slightly different:

 WV>> /etc/stunnel # cat binkps.conf
 WV>> cert=/etc/letsencrypt/live/vlzn.nl/fullchain.pem
 WV>> key=/etc/letsencrypt/live/vlzn.nl/privkey.pem
 WV>> connect=24554

 TK> Ok. I can live with that. :)

Those are the files letsencrypt generates by default. Don't you need to specify 
your (private) key?

 WV>> But it seems to work. Can anyone test my node? TLS/SSL connects to my
 WV>> binkd for node 2:280/464 should go to fido.vlzn.nl:24553

 TK> === Cut ===
 TK>   13 Dec 22:15:54 [14318] Substituted * to fido.vlzn.nl. for
 TK> 2:280/464@fidonet by nodelist + 13 Dec 22:15:54 [14318] call to
 TK> 2:280/464@fidonet + 13 Dec 22:15:54 [14318] External command 'openssl
 TK> s_client -quiet -alpn binkp -connect fido.vlzn.nl:24553' started, pid 
14319
 TK>   13 Dec 22:15:54 [14318] connected
 TK> + 13 Dec 22:15:54 [14318] outgoing session with fido.vlzn.nl:binkp

It works! :-)

I'm only a bit surprised it came in on IPv4 not like your regular connections 
on IPv6!?

2019-12-13T21:15:54.610268+01:00 wilnux5 stunnel: LOG5[5464]: Service [stunnel] 
accepted connection from 92.222.75.253:38554


Thanks for testing!


Bye, Wilfred.

--- FMail-lnx64 2.1.0.18-B20170815
 * Origin: FMail development HQ (2:280/464)

.