[ircd-ratbox] SSL S2S issues

John Marshall john.marshall at riverwillow.com.au
Mon Feb 27 07:33:47 UTC 2012


On 26/02/2012 23:42, b2 wrote:
> Ok , but out network is not EFnet type , so is there some differences
> for the setup or something ?

Neither is ours and it works for us.

> For the setup , we got 2 running servers and client ssl is working ,
> server linking without ssl is also working , but when we try to connect
> over ssl i got : 
> 
> 2012/2/25 23.41 Connection to irc.u4.x.net activated
> 2012/2/25 23.41 Connect to *[irc.u4.x.net] @78.128.x.x
> 2012/2/25 23.41 ssld error for irc.u4.x.net[unknown at 78.128.x.x]: Read
> error: Input/output error
> 
> permissions for cert , key and hd on both sides are ok , im pretty sure
> about that.
> common name is set to real server names on both sides. 
> ports are opened at both sides.
> in connect block SSL flag is checked.
> 
> Then what might be the problem ?

What about the listen{} block? Have you added the server-server ssl port
to 'sslport = '? The connect messages in the serverlog should look like
this:

2012/2/23 03.19 Connection to irc2.example.net activated
2012/2/23 03.19 Connect to *[irc2.example.net] @192.0.2.1
2012/2/23 03.19 Link with irc2.example.net[unknown at 192.0.2.1]
established: (TS6 SSL QS EX CHW IE GLN KNOCK TB ENCAP SERVICES RSFNC
SAVE SAVETS_100) link

It's a seriously long time since I did this and can't remember what I
might have tripped over at the time but noted that you didn't mention
the listen{} block. We're running on 3.0.6.

-- 
John Marshall

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ratbox.org/pipermail/ircd-ratbox/attachments/20120227/b6298bd4/attachment.pgp>


More information about the ircd-ratbox mailing list