Connect To Partyline with TLS: Difference between revisions
Jump to navigation
Jump to search
(Created page with "== Create a TLS Listen Port == To connect to the partyline using TLS, you must first ensure you created a listening port that uses TLS (in the config). This is done by specifying a '+' in front of the port specified in the config. <pre> listen 1.2.3.4 +4444 all </pre> == Create TLS certificates == Next, you must ensure you have TLS certificates to use. If you don't have a pair already, you can generate self-signed certificates from a terminal by running: <pre> openss...") |
|||
Line 16: | Line 16: | ||
Then, you must use a client capable of TLS connections (No, telnet is not one of them!) A common method is using the OpenSSL 'sclient' program. To connect from a host with OpenSSL installed, use: | Then, you must use a client capable of TLS connections (No, telnet is not one of them!) A common method is using the OpenSSL 'sclient' program. To connect from a host with OpenSSL installed, use: | ||
<pre> | <pre> | ||
openssl s_client -cert my.crt -key my.key -connect host:sslport | openssl s_client -cert my.crt -key my.key -connect host:sslport | ||
</pre> | </pre> | ||
(Don't use a + in front of the port here, just the number) |
Latest revision as of 21:09, 9 July 2023
Create a TLS Listen Port
To connect to the partyline using TLS, you must first ensure you created a listening port that uses TLS (in the config). This is done by specifying a '+' in front of the port specified in the config.
listen 1.2.3.4 +4444 all
Create TLS certificates
Next, you must ensure you have TLS certificates to use. If you don't have a pair already, you can generate self-signed certificates from a terminal by running:
openssl req -new -x509 -nodes -keyout my.key -out my.crt
Connect with TLS
Then, you must use a client capable of TLS connections (No, telnet is not one of them!) A common method is using the OpenSSL 'sclient' program. To connect from a host with OpenSSL installed, use:
openssl s_client -cert my.crt -key my.key -connect host:sslport
(Don't use a + in front of the port here, just the number)