Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

6 May, 2024: The networking issue during the past two days has been identified and appears to be fixed. Will keep monitoring.

computers / alt.bbs.synchronet / Newslink SSL error: Giganews

SubjectAuthor
* Newslink SSL error: GiganewsBob Roberts
`* Newslink SSL error: GiganewsDigital Man
 `* Newslink SSL error: GiganewsBob Roberts
  `- Newslink SSL error: GiganewsBob Roberts

1
Newslink SSL error: Giganews

<60D3CA80.6220.dove-syncdisc@hovalbbs.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=13701&group=alt.bbs.synchronet#13701

  copy link   Newsgroups: alt.bbs.synchronet
Path: i2pn2.org!i2pn.org!aioe.org!news.uzoreto.com!npeer.as286.net!npeer-ng0.as286.net!peer01.ams1!peer.ams1.xlned.com!news.xlned.com!peer03.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx35.iad.POSTED!not-for-mail
From: bob.robe...@HOVAL.remove-122s-this (Bob Roberts)
Subject: Newslink SSL error: Giganews
Message-ID: <60D3CA80.6220.dove-syncdisc@hovalbbs.com>
X-Comment-To: All
Organization: Halls of Valhalla
Newsgroups: alt.bbs.synchronet
X-FTN-PID: Synchronet 3.19a-Linux master/4a82e0248 Jun 19 2021 GCC 9.3.0
X-FTN-MSGID: 43774.sync@1:103/705 2539b7cd
X-FTN-CHRS: CP437 2
WhenImported: 20210623165752-0700 c1e0
WhenExported: 20210623175028-0700 c1e0
ExportedFrom: HOVAL dove-syncdisc 6220
Content-Type: text/plain; charset=IBM437
Content-Transfer-Encoding: 8bit
X-Gateway: vert.synchro.net [Synchronet 3.19a-Win32 NewsLink 1.113]
Lines: 20
X-Complaints-To: https://www.astraweb.com/aup
NNTP-Posting-Date: Thu, 24 Jun 2021 00:50:25 UTC
Date: Wed, 23 Jun 2021 16:57:52 -0700
X-Received-Bytes: 2029
 by: Bob Roberts - Wed, 23 Jun 2021 23:57 UTC

I'm trying to setup news.giganews.com as my usenet feed for Newslink. However when I try to connect via SSL on any of their SSL ports, I get the following error:

Connecting to news.giganews.com port 443 ...
Connected
Negotiating TLS
TLS WARNING 'Server provided a broken/invalid certificate, try again with a reduced level of certificate compliance checking' (-32) setting attribute 6001
0007 TLS WARNING 'Server provided a broken/invalid certificate, try again with a reduced level of certificate compliance checking' (-32) setting session active
Authenticating...
!Authentication FAILURE: null

Newslink works great over SSL with astraweb, however astraweb is stingy with granting posting permissions, so I'm trying to hook up a provider that allows posting.

Is anyone able to connect to news.giganews.com via SSL and tell me what might be wrong with their SSL handshake?

Bob Roberts

---
■ Synchronet ■ Halls of Valhalla =San=Francisco= hovalbbs.com:2333
--- Synchronet 3.19a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net

Newslink SSL error: Giganews

<60D5262B.43776.sync@vert.synchro.net>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=13703&group=alt.bbs.synchronet#13703

  copy link   Newsgroups: alt.bbs.synchronet
Path: i2pn2.org!i2pn.org!aioe.org!news.uzoreto.com!newsfeed.xs4all.nl!newsfeed9.news.xs4all.nl!news-out.netnews.com!news.alt.net!fdc3.netnews.com!peer01.ams1!peer.ams1.xlned.com!news.xlned.com!peer02.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx33.iad.POSTED!not-for-mail
From: digital....@vert.synchro.net.remove-fwe-this (Digital Man)
Subject: Newslink SSL error: Giganews
Message-ID: <60D5262B.43776.sync@vert.synchro.net>
X-Comment-To: Bob Roberts
Organization: Vertrauen
Newsgroups: alt.bbs.synchronet
In-Reply-To: <60D3CA80.6220.dove-syncdisc@hovalbbs.com>
References: <60D3CA80.6220.dove-syncdisc@hovalbbs.com>
X-FTN-PID: Synchronet 3.19a-Win32 master/b093e0c714 Jun 11 2021 MSC 1928
X-FTN-MSGID: 43776.sync@1:103/705 253b072b
X-FTN-REPLY: 43774.sync@1:103/705 2539b7cd
Content-Type: text/plain; charset=IBM437
Content-Transfer-Encoding: 8bit
X-Gateway: vert.synchro.net [Synchronet 3.19a-Win32 NewsLink 1.113]
Lines: 40
X-Complaints-To: https://www.astraweb.com/aup
NNTP-Posting-Date: Fri, 25 Jun 2021 00:41:22 UTC
Date: Thu, 24 Jun 2021 17:41:15 -0700
X-Received-Bytes: 2677
 by: Digital Man - Fri, 25 Jun 2021 00:41 UTC

To: Bob Roberts
Re: Newslink SSL error: Giganews
By: Bob Roberts to All on Wed Jun 23 2021 04:57 pm

> I'm trying to setup news.giganews.com as my usenet feed for Newslink.
> However when I try to connect via SSL on any of their SSL ports, I get the
> following error:
>
> Connecting to news.giganews.com port 443 ...
> Connected
> Negotiating TLS
> TLS WARNING 'Server provided a broken/invalid certificate, try again with a
> reduced level of certificate compliance checking' (-32) setting attribute
> 6001 0007 TLS WARNING 'Server provided a broken/invalid certificate, try
> again with a reduced level of certificate compliance checking' (-32) setting
> session active
> Authenticating...
> !Authentication FAILURE: null
>
> Newslink works great over SSL with astraweb, however astraweb is stingy with
> granting posting permissions, so I'm trying to hook up a provider that
> allows posting.
>
> Is anyone able to connect to news.giganews.com via SSL and tell me what
> might be wrong with their SSL handshake?

Did you setup LetSyncrypt successfully? If not, you'll be using a "self-signed" certificate which giganews likely doesn't like. Either:

1. Setup/use LetSyncrypt, or
2. Don't use NNTPS (use plain NNTP instead)

Additionally, Vertrauen posts NNTP messages to astraweb using NewsLink, no problem. <shrug>
--
digital man

Synchronet "Real Fact" #35:
The irc.synchro.net network has more servers than users.
Norco, CA WX: 77.9°F, 49.0% humidity, 14 mph ENE wind, 0.00 inches rain/24hrs
--- Synchronet 3.19a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net

Newslink SSL error: Giganews

<60D79D5A.6231.dove-syncdisc@hovalbbs.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=13712&group=alt.bbs.synchronet#13712

  copy link   Newsgroups: alt.bbs.synchronet
Path: i2pn2.org!i2pn.org!paganini.bofh.team!news.dns-netz.com!news.freedyn.net!newsfeed.xs4all.nl!newsfeed7.news.xs4all.nl!news-out.netnews.com!news.alt.net!fdc2.netnews.com!peer03.ams1!peer.ams1.xlned.com!news.xlned.com!peer02.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx40.iad.POSTED!not-for-mail
From: bob.robe...@HOVAL.remove-3ux-this (Bob Roberts)
Subject: Newslink SSL error: Giganews
Message-ID: <60D79D5A.6231.dove-syncdisc@hovalbbs.com>
X-Comment-To: Digital Man
Organization: Halls of Valhalla
Newsgroups: alt.bbs.synchronet
In-Reply-To: <60D5262B.43776.sync@vert.synchro.net>
References: <60D5262B.43776.sync@vert.synchro.net>
X-FTN-PID: Synchronet 3.19a-Linux master/4a82e0248 Jun 19 2021 GCC 9.3.0
X-FTN-MSGID: 43785.sync@1:103/705 253d909c
X-FTN-REPLY: 43776.sync@1:103/705 253b072b
X-FTN-CHRS: CP437 2
WhenImported: 20210626143418-0700 c1e0
WhenExported: 20210626155202-0700 c1e0
ExportedFrom: HOVAL dove-syncdisc 6231
Content-Type: text/plain; charset=IBM437
Content-Transfer-Encoding: 8bit
X-Gateway: vert.synchro.net [Synchronet 3.19a-Win32 NewsLink 1.113]
Lines: 26
X-Complaints-To: https://www.astraweb.com/aup
NNTP-Posting-Date: Sat, 26 Jun 2021 22:52:06 UTC
Date: Sat, 26 Jun 2021 14:34:18 -0700
X-Received-Bytes: 2357
 by: Bob Roberts - Sat, 26 Jun 2021 21:34 UTC

To: Digital Man
Re: Newslink SSL error: Giganews
By: Digital Man to Bob Roberts on Thu Jun 24 2021 05:41 pm

DM> Did you setup LetSyncrypt successfully? If not, you'll be using a
DM> "self-signed" certificate which giganews likely doesn't like. Either:

DM> 1. Setup/use LetSyncrypt, or
DM> 2. Don't use NNTPS (use plain NNTP instead)

DM> Additionally, Vertrauen posts NNTP messages to astraweb using NewsLink, no
DM> problem. <shrug> --

Ok. I had no idea that my own self-signed cert could be causing this issue.
I have now run LetSyncrypt, and it has completed successfully. I now have values under [State] for DomainHash and Host in letsyncrypt.ini. I can see what I think is my legit cert in /sbbs/ctrl/ssl.cert.

However, when I goto HTTPS in my browser, it's still using the "mybbs.com" certificate. I've tried restarting SBBS multiple times, have rerun LetSyncrypt multiple times.

Any idea why HTTPS would still be using the old cert?

Bob Roberts

---
■ Synchronet ■ Halls of Valhalla =San=Francisco= hovalbbs.com:2333
--- Synchronet 3.19a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net

Newslink SSL error: Giganews

<60D7A104.6232.dove-syncdisc@hovalbbs.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=13713&group=alt.bbs.synchronet#13713

  copy link   Newsgroups: alt.bbs.synchronet
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!newsreader4.netcologne.de!news.netcologne.de!peer01.ams1!peer.ams1.xlned.com!news.xlned.com!peer03.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx40.iad.POSTED!not-for-mail
From: bob.robe...@HOVAL.remove-3ux-this (Bob Roberts)
Subject: Newslink SSL error: Giganews
Message-ID: <60D7A104.6232.dove-syncdisc@hovalbbs.com>
X-Comment-To: Digital Man
Organization: Halls of Valhalla
Newsgroups: alt.bbs.synchronet
In-Reply-To: <60D79D5A.6231.dove-syncdisc@hovalbbs.com>
References: <60D79D5A.6231.dove-syncdisc@hovalbbs.com>
X-FTN-PID: Synchronet 3.19a-Linux master/4a82e0248 Jun 19 2021 GCC 9.3.0
X-FTN-MSGID: 43786.sync@1:103/705 253d909d
X-FTN-REPLY: 43785.sync@1:103/705 253d909c
X-FTN-CHRS: CP437 2
WhenImported: 20210626144956-0700 c1e0
WhenExported: 20210626155202-0700 c1e0
ExportedFrom: HOVAL dove-syncdisc 6232
Content-Type: text/plain; charset=IBM437
Content-Transfer-Encoding: 8bit
X-Gateway: vert.synchro.net [Synchronet 3.19a-Win32 NewsLink 1.113]
Lines: 19
X-Complaints-To: https://www.astraweb.com/aup
NNTP-Posting-Date: Sat, 26 Jun 2021 22:52:06 UTC
Date: Sat, 26 Jun 2021 14:49:56 -0700
X-Received-Bytes: 1827
 by: Bob Roberts - Sat, 26 Jun 2021 21:49 UTC

To: Digital Man
Re: Newslink SSL error: Giganews
By: Bob Roberts to Digital Man on Sat Jun 26 2021 02:34 pm

BR> However, when I goto HTTPS in my browser, it's still using the "mybbs.com"
BR> certificate. I've tried restarting SBBS multiple times, have rerun
BR> LetSyncrypt multiple times.

BR> Any idea why HTTPS would still be using the old cert?

And.... I rebooted my box. Now it's working perfectly. <sigh>
All good.

Bob Roberts

---
■ Synchronet ■ Halls of Valhalla =San=Francisco= hovalbbs.com:2333
--- Synchronet 3.19a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net

1
server_pubkey.txt

rocksolid light 0.9.81
clearnet tor