• Newslink SSL error: Gigan

    From Bob Roberts@VERT/HOVAL to All on Wed Jun 23 12:57:00 2021
    I'm trying to setup news.giganews.com as my usenet feed for Newslink. However when I try to connect via SSL on any of their SSL ports, I get the following error:

    Connecting to news.giganews.com port 443 ...
    Connected
    Negotiating TLS
    TLS WARNING 'Server provided a broken/invalid certificate, try again with a reduced level of certificate compliance checking' (-32) setting attribute 6001
    0007 TLS WARNING 'Server provided a broken/invalid certificate, try again with a reduced level of certificate compliance checking' (-32) setting session active
    Authenticating...
    !Authentication FAILURE: null

    Newslink works great over SSL with astraweb, however astraweb is stingy with granting posting permissions, so I'm trying to hook up a provider that allows posting.

    Is anyone able to connect to news.giganews.com via SSL and tell me what might be wrong with their SSL handshake?

    Bob Roberts

    ---
    þ Synchronet þ Halls of Valhalla =San=Francisco= hovalbbs.com:2333
  • From Digital Man@VERT to Bob Roberts on Thu Jun 24 13:41:00 2021
    Re: Newslink SSL error: Giganews
    By: Bob Roberts to All on Wed Jun 23 2021 04:57 pm

    I'm trying to setup news.giganews.com as my usenet feed for Newslink. However when I try to connect via SSL on any of their SSL ports, I get the following error:

    Connecting to news.giganews.com port 443 ...
    Connected
    Negotiating TLS
    TLS WARNING 'Server provided a broken/invalid certificate, try again with a reduced level of certificate compliance checking' (-32) setting attribute 6001 0007 TLS WARNING 'Server provided a broken/invalid certificate, try again with a reduced level of certificate compliance checking' (-32) setting session active
    Authenticating...
    !Authentication FAILURE: null

    Newslink works great over SSL with astraweb, however astraweb is stingy with granting posting permissions, so I'm trying to hook up a provider that allows posting.

    Is anyone able to connect to news.giganews.com via SSL and tell me what might be wrong with their SSL handshake?

    Did you setup LetSyncrypt successfully? If not, you'll be using a "self-signed" certificate which giganews likely doesn't like. Either:

    1. Setup/use LetSyncrypt, or
    2. Don't use NNTPS (use plain NNTP instead)

    Additionally, Vertrauen posts NNTP messages to astraweb using NewsLink, no problem. <shrug>
    --
    digital man

    Synchronet "Real Fact" #35:
    The irc.synchro.net network has more servers than users.
    Norco, CA WX: 77.9øF, 49.0% humidity, 14 mph ENE wind, 0.00 inches rain/24hrs ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Bob Roberts@VERT/HOVAL to Digital Man on Sat Jun 26 10:34:00 2021
    Re: Newslink SSL error: Giganews
    By: Digital Man to Bob Roberts on Thu Jun 24 2021 05:41 pm

    Did you setup LetSyncrypt successfully? If not, you'll be using a "self-signed" certificate which giganews likely doesn't like. Either:

    1. Setup/use LetSyncrypt, or
    2. Don't use NNTPS (use plain NNTP instead)

    Additionally, Vertrauen posts NNTP messages to astraweb using NewsLink, no problem. <shrug> --

    Ok. I had no idea that my own self-signed cert could be causing this issue. I have now run LetSyncrypt, and it has completed successfully. I now have values under [State] for DomainHash and Host in letsyncrypt.ini. I can see what I think is my legit cert in /sbbs/ctrl/ssl.cert.

    However, when I goto HTTPS in my browser, it's still using the "mybbs.com" certificate. I've tried restarting SBBS multiple times, have rerun LetSyncrypt multiple times.

    Any idea why HTTPS would still be using the old cert?

    Bob Roberts

    ---
    þ Synchronet þ Halls of Valhalla =San=Francisco= hovalbbs.com:2333
  • From Bob Roberts@VERT/HOVAL to Digital Man on Sat Jun 26 10:49:00 2021
    Re: Newslink SSL error: Giganews
    By: Bob Roberts to Digital Man on Sat Jun 26 2021 02:34 pm

    However, when I goto HTTPS in my browser, it's still using the "mybbs.com" certificate. I've tried restarting SBBS multiple times, have rerun LetSyncrypt multiple times.

    Any idea why HTTPS would still be using the old cert?

    And.... I rebooted my box. Now it's working perfectly. <sigh>
    All good.

    Bob Roberts

    ---
    þ Synchronet þ Halls of Valhalla =San=Francisco= hovalbbs.com:2333