Project

General

Profile

Edit History

Client-Core SSL support » History » Version 2

seezer, 07/02/2009 06:46 PM

1 1 seezer 
h1. Client-Core SSL support
2 1 seezer 





    3
    2
    seezer
    
If you wish to setup an SSL connection between the core and client, you must have compiled both with the "-DWITH_OPENSSL=ON" cmake option.





    4
    2
    seezer
    
In case you use a binary version, verify that it was built with SSL support.





    5
    1
    seezer
    





    6
    2
    seezer
    
You don't know where to look for whether SSL support is available in your core?





    7
    2
    seezer
    





    8
    2
    seezer
    
>Start your core once and look out for warnings like:





    9
    2
    seezer
    
<pre>Warning: SslServer: Certificate file /home/quassel/.config/quassel-irc.org/quasselCert.pem does not exist





    10
    2
    seezer
    
Warning: SslServer: Unable to set certificate file





    11
    2
    seezer
    
Quassel Core will still work, but cannot provide SSL for client connections.</pre>





    12
    2
    seezer
    





    13
    2
    seezer
    
Then you need to generate a certificate file to be used for the connections.





    14
    2
    seezer
    
As the user that starts quassel-core, issue something like the following command on the server running the core:





    15
    2
    seezer
    





    16
    2
    seezer
    
*Version 0.4 and later*





    17
    2
    seezer
    
<pre>openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout ~/.config/quassel-irc.org/quasselCert.pem -out ~/.config/quassel-irc.org/quasselCert.pem</pre>





    18
    2
    seezer
    
>You might use a different configuration directory. Check if your core gets started with the --configdir command-line option.





    19
    2
    seezer
    





    20
    1
    seezer
    
*Version before 0.4*





    21
    1
    seezer
    
<pre>openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout ~/.quassel/quasselCert.pem -out ~/.quassel/quasselCert.pem</pre>





    22
    1
    seezer
    
>The "~/.quassel/" directory may differ if the --datadir option was specified for quasselcore.





    23
    1
    seezer
    





    24
    1
    seezer
    





    25
    1
    seezer
    
Note that Kubuntu packages for Jaunty (9.04) and later do this step for you.





    26
    1
    seezer
    





    27
    1
    seezer
    
Start the core and select SSL in your Client as shown below: