Client-Core SSL support » History » Version 2
seezer, 07/02/2009 06:46 PM
1 | 1 | seezer | h1. Client-Core SSL support |
---|---|---|---|
2 | 1 | seezer | |
3 | 2 | seezer | If you wish to setup an SSL connection between the core and client, you must have compiled both with the "-DWITH_OPENSSL=ON" cmake option. |
4 | 2 | seezer | In case you use a binary version, verify that it was built with SSL support. |
5 | 1 | seezer | |
6 | 2 | seezer | You don't know where to look for whether SSL support is available in your core? |
7 | 2 | seezer | |
8 | 2 | seezer | >Start your core once and look out for warnings like: |
9 | 2 | seezer | <pre>Warning: SslServer: Certificate file /home/quassel/.config/quassel-irc.org/quasselCert.pem does not exist |
10 | 2 | seezer | Warning: SslServer: Unable to set certificate file |
11 | 2 | seezer | Quassel Core will still work, but cannot provide SSL for client connections.</pre> |
12 | 2 | seezer | |
13 | 2 | seezer | Then you need to generate a certificate file to be used for the connections. |
14 | 2 | seezer | As the user that starts quassel-core, issue something like the following command on the server running the core: |
15 | 2 | seezer | |
16 | 2 | seezer | *Version 0.4 and later* |
17 | 2 | seezer | <pre>openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout ~/.config/quassel-irc.org/quasselCert.pem -out ~/.config/quassel-irc.org/quasselCert.pem</pre> |
18 | 2 | seezer | >You might use a different configuration directory. Check if your core gets started with the --configdir command-line option. |
19 | 2 | seezer | |
20 | 1 | seezer | *Version before 0.4* |
21 | 1 | seezer | <pre>openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout ~/.quassel/quasselCert.pem -out ~/.quassel/quasselCert.pem</pre> |
22 | 1 | seezer | >The "~/.quassel/" directory may differ if the --datadir option was specified for quasselcore. |
23 | 1 | seezer | |
24 | 1 | seezer | |
25 | 1 | seezer | Note that Kubuntu packages for Jaunty (9.04) and later do this step for you. |
26 | 1 | seezer | |
27 | 1 | seezer | Start the core and select SSL in your Client as shown below: |