Michael Belanger mrb@ciclops.org wrote:
Folks, I am trying out the new SSL stuff and got the following error:
Feb 16 11:47:39 calculon ngircd[23498]: SSL_CTX_use_certificate_file: /usr/local/etc/ngircd/ssl/server.pem: error:0906D06C:PEM routines:PEM_read_bio:no start line
It could be that I did not create the cert correctly.. here is what I did:
openssl genrsa 1024 > server.key openssl req -new -nodes -sha1 -days 1825 -key server.key >server.cert cat server.cert server.key > server.pem && rm server.key
Could you please try: openssl req -newkey rsa:2048 -x509 -keyout server-key.pem -out server-cert.pem -days 1461
(you can adjust -days and the key length). The commands you posted create a private key and a certificate request, the above generates a self-signed key. I've added examples to create self-signed keys with openssl and gnutls certtool to doc/SSL.txt.
Thanks, Florian