Project

General

Profile

Client-Core SSL support » History » Version 5

javier, 08/14/2011 04:59 PM

1 1 seezer
h1. Client-Core SSL support
2 1 seezer
3 2 seezer
If you wish to setup an SSL connection between the core and client, you must have compiled both with the "-DWITH_OPENSSL=ON" cmake option.
4 2 seezer
In case you use a binary version, verify that it was built with SSL support.
5 1 seezer
6 2 seezer
You don't know where to look for whether SSL support is available in your core?
7 2 seezer
8 5 javier
>Start your core once and look out for warnings in /var/log/quassel/quasselcore like:
9 2 seezer
<pre>Warning: SslServer: Certificate file /home/quassel/.config/quassel-irc.org/quasselCert.pem does not exist
10 2 seezer
Warning: SslServer: Unable to set certificate file
11 2 seezer
Quassel Core will still work, but cannot provide SSL for client connections.</pre>
12 2 seezer
13 2 seezer
Then you need to generate a certificate file to be used for the connections.
14 2 seezer
As the user that starts quassel-core, issue something like the following command on the server running the core:
15 2 seezer
16 4 johu
*>=Version 0.4*
17 2 seezer
<pre>openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout ~/.config/quassel-irc.org/quasselCert.pem -out ~/.config/quassel-irc.org/quasselCert.pem</pre>
18 1 seezer
>You might use a different configuration directory. Check if your core gets started with the --configdir command-line option.
19 1 seezer
20 1 seezer
Note that Kubuntu packages for Jaunty (9.04) and later do this step for you.
21 1 seezer
22 1 seezer
Start the core and select SSL in your Client as shown below:
23 3 seezer
24 3 seezer
!ssl_dialog_client.png!