Hi,
I am tried to setup an SSL protected irc server using ngIRCd and I epicly failed. Here's my ngircd.conf:
[Global] SSLPorts = 17667 SSLKeyFile = /etc/ngircd/ngircd-key.pem SSLCertFile = /etc/ngircd/ngircd-cert.pem SSLDHFile = /etc/ngircd/ngircd-params.pem Name = irc.debian.org Info = Yet another IRC Server running on Debian GNU/Linux AdminInfo1 = Debian User AdminInfo2 = Debian City AdminEMail = root@localhost MotdFile = /etc/ngircd/ngircd.motd PidFile = /var/run/ngircd/ngircd.pid PingTimeout = 120 PongTimeout = 20 ConnectRetry = 60 OperCanUseMode = yes MaxConnections = 500 MaxConnectionsIP = 10 MaxJoins = 10
The problem is that SSL initialisation fails. Here's the relevant /var/log/syslog output:
Jan 5 21:31:12 chronos ngircd[12609]: ngircd 15-SYSLOG+ZLIB+SSL+IRCPLUS+IPv6-i486/pc/linux-gnu started. Jan 5 21:31:12 chronos ngircd[12609]: Reading configuration from "/etc/ngircd/ngircd.conf" ... Jan 5 21:31:12 chronos ngircd[12609]: gnutls_certificate_set_x509_key_file (cert /etc/ngircd/ngircd-cert.pem, key /etc/ngircd/ngircd-key.pem): Base64 decoding error. Jan 5 21:31:12 chronos ngircd[12609]: Warning: Error during SSL initialization, continuing ... Jan 5 21:31:12 chronos ngircd[12609]: ServerUID must not be 0, using "nobody" instead. Jan 5 21:31:12 chronos ngircd[12609]: Can't change group ID to 65534: Operation not permitted Jan 5 21:31:12 chronos ngircd[12609]: Can't change user ID to 65534: Operation not permitted Jan 5 21:31:12 chronos ngircd[12610]: Running as user irc(39), group irc(39), with PID 12610. Jan 5 21:31:12 chronos ngircd[12610]: Not running with changed root directory. Jan 5 21:31:12 chronos ngircd[12610]: Notice: Can't change working directory to "/var/run/ircd": No such file or directory Jan 5 21:31:12 chronos ngircd[12610]: IO subsystem: poll (initial maxfd 100). Jan 5 21:31:12 chronos ngircd[12610]: Now listening on [0::]:17667 (socket 5). Jan 5 21:31:12 chronos ngircd[12610]: Now listening on [0.0.0.0]:17667 (socket 6).
I doubt it is a permissions problem. Here's the /etc/ngircd directory listing:
gp@chronos:/etc/ssl$ sudo ls -l /etc/ngircd/ total 20 -rwxrwxrwx 1 irc irc 0 2011-01-05 21:21 ngircd-cert.pem -rw-r--r-- 1 irc irc 4839 2011-01-05 21:29 ngircd.conf -rwxrwxrwx 1 irc irc 1238 2011-01-05 21:25 ngircd-dhparams.pem -rwxrwxrwx 1 irc irc 1675 2011-01-05 21:21 ngircd-key.pem -rw-r--r-- 1 irc irc 255 2010-05-11 19:16 ngircd.motd gp@chronos:/etc/ssl$
I've read the SSL guide (found here http://ngircd.barton.de/doc/SSL.txt) and it lists 2 methods for creating the SSL certificate/private key. I've used both without success.
Does anyone have any ideas?
Thank you in advance. Georges