1. Forum
  2. Usenet
  3. NEWS.SOFTWARE.NNTP

  • Trouble with 'require_ssl' on INN 2.6.4

    From kitzman@21:1/5 to All on Wed Nov 17 15:29:31 2021
    Hey everyone,

    I'm quite new to NNTP and I set up INN to have my RSS feeds there. I
    saw on INN's README.md that I can reach out here for questions. I would
    be grateful is someone could lend me a hand.

    Previously, I've used version 1.6.x, as it came with Debian, and, in
    order to serve TLS connections, I've used stunnel.

    Now I'm using 2.6.4 - and I configured it to serve TLS. However, my RSS uploader is, at the end, just using sinntp, which is a lightweight
    client. However, sinntp does not support TLS connections.

    So, I configured in `readers.conf` to allow local traffic to use 119,
    and also set `require_ssl: false` in the auth block. However, I still
    get the "Encryption required" error :/ . From the logs I see that it
    used the right auth and access group, and that the parsing worked.

    Is there something wrong with my approach?

    Quite excited though about using my LISP-powered Gwene and soon
    Gmane. :) At the end I'll send a patch to the Alpine ports, with the INN package.

    Kind regards,
    kizman

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From =?UTF-8?Q?Julien_=c3=89LIE?=@21:1/5 to All on Fri Nov 19 19:22:37 2021
    Hi kitzman,

    Now I'm using 2.6.4 - and I configured it to serve TLS. However, my RSS uploader is, at the end, just using sinntp, which is a lightweight
    client. However, sinntp does not support TLS connections.

    So, I configured in `readers.conf` to allow local traffic to use 119,
    and also set `require_ssl: false` in the auth block. However, I still
    get the "Encryption required" error :/ . From the logs I see that it
    used the right auth and access group, and that the parsing worked.

    Normally, you should not have to define port 119 in readers.conf.
    Could you please copy/paste here your readers.conf file please? (with
    possible IP and hostnames obfuscated if they should not be known)

    Do you start a separate nnrpd on port 563 as explained in the last
    section of:
    https://www.eyrie.org/~eagle/software/inn/docs/checklist.html

    Unencrypted traffic on port 119 is handled by innd. It will spawn nnrpd itself.


    readers.conf documentation with examples in the EXAMPLES section:
    https://www.eyrie.org/~eagle/software/inn/docs/readers.conf.html

    --
    Julien ÉLIE

    « Dès que le silence se fait, les gens le meublent. » (Raymond Devos)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)