Subj : Re: fTelnet
To   : All
From : zharvek
Date : Thu Oct 17 2024 12:13 pm

On 10/17/24 4:13 PM, tassiebob wrote:
> The server is using LetsEncrypt certificates and I'm hoping to use that same certificate for the fTelnetProxy application, but thus far I've been unable to come up with a working configuration.  It looks like .net/mono needs a PFX format certificate, which I can generate, but it does't work when I do.  I either get "--Error loading cert file", or it throws an error in SSL.AuthenticateAsServer.
It won't help much but I host fTelnet under Win32 and it's using a PFX 
file from Lets Encrypt just fine. Didn't do anything special, and it 
renews when necessary using WACS.

Here is the block of code throwing your error. Prob gonna look like crap 
through the wrapping.

https://github.com/rickparrish/fTelnetProxy/blob/master/fTelnetProxy/fTelnetProxy.cs
---
if (!string.IsNullOrWhiteSpace(Config.Default.CertificateFilename) && 
File.Exists(Config.Default.CertificateFilename)) {
try {
if (OSUtils.IsUnix)
{
Environment.SetEnvironmentVariable("MONO_TLS_PROVIDER", "btls");
}

// Try loading the certificate to ensure there are no problems
var testCert = Config.Default.Certificate;
} catch (Exception ex) {
// Loading cert failed, so wipe the filename to ensure we don't try 
loading it again later
RMLog.Exception(ex, "--Error loading cert file");
Config.Default.CertificateFilename = null;
}
}
---

PFX File Info
---
certutil -dump bbs.archaicbinary.net.pfx

================ Certificate 0 ================
================ Begin Nesting Level 1 ================
Element 0:
Serial Number: 04b699dad2b616dfe9fa661b7c..........
Issuer: CN=R11, O=Let's Encrypt, C=US
  NotBefore: 9/29/2024 8:39 AM
  NotAfter: 12/28/2024 8:39 AM
Subject: CN=bbs.archaicbinary.net
Non-root Certificate
Cert Hash(sha1): c795908dd39c45a2392f71135d150a..........
---

.