Client-Core SSL support » History » Version 5
Version 4 (johu, 09/21/2010 08:45 PM) → Version 5/15 (javier, 08/14/2011 04:59 PM)
h1. Client-Core SSL support
If you wish to setup an SSL connection between the core and client, you must have compiled both with the "-DWITH_OPENSSL=ON" cmake option.
In case you use a binary version, verify that it was built with SSL support.
You don't know where to look for whether SSL support is available in your core?
>Start your core once and look out for warnings in /var/log/quassel/quasselcore like:
<pre>Warning: SslServer: Certificate file /home/quassel/.config/quassel-irc.org/quasselCert.pem does not exist
Warning: SslServer: Unable to set certificate file
Quassel Core will still work, but cannot provide SSL for client connections.</pre>
Then you need to generate a certificate file to be used for the connections.
As the user that starts quassel-core, issue something like the following command on the server running the core:
*>=Version 0.4*
<pre>openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout ~/.config/quassel-irc.org/quasselCert.pem -out ~/.config/quassel-irc.org/quasselCert.pem</pre>
>You might use a different configuration directory. Check if your core gets started with the --configdir command-line option.
Note that Kubuntu packages for Jaunty (9.04) and later do this step for you.
Start the core and select SSL in your Client as shown below:
!ssl_dialog_client.png!
If you wish to setup an SSL connection between the core and client, you must have compiled both with the "-DWITH_OPENSSL=ON" cmake option.
In case you use a binary version, verify that it was built with SSL support.
You don't know where to look for whether SSL support is available in your core?
>Start your core once and look out for warnings in /var/log/quassel/quasselcore like:
<pre>Warning: SslServer: Certificate file /home/quassel/.config/quassel-irc.org/quasselCert.pem does not exist
Warning: SslServer: Unable to set certificate file
Quassel Core will still work, but cannot provide SSL for client connections.</pre>
Then you need to generate a certificate file to be used for the connections.
As the user that starts quassel-core, issue something like the following command on the server running the core:
*>=Version 0.4*
<pre>openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout ~/.config/quassel-irc.org/quasselCert.pem -out ~/.config/quassel-irc.org/quasselCert.pem</pre>
>You might use a different configuration directory. Check if your core gets started with the --configdir command-line option.
Note that Kubuntu packages for Jaunty (9.04) and later do this step for you.
Start the core and select SSL in your Client as shown below:
!ssl_dialog_client.png!