Connect To Partyline with TLS: Difference between revisions

From EggWiki
Jump to navigation Jump to search
(Created page with "== Create a TLS Listen Port == To connect to the partyline using TLS, you must first ensure you created a listening port that uses TLS (in the config). This is done by specifying a '+' in front of the port specified in the config. <pre> listen 1.2.3.4 +4444 all </pre> == Create TLS certificates == Next, you must ensure you have TLS certificates to use. If you don't have a pair already, you can generate self-signed certificates from a terminal by running: <pre> openss...")
 
 
Line 16: Line 16:
Then, you must use a client capable of TLS connections (No, telnet is not one of them!) A common method is using the OpenSSL 'sclient' program. To connect from a host with OpenSSL installed, use:
Then, you must use a client capable of TLS connections (No, telnet is not one of them!) A common method is using the OpenSSL 'sclient' program. To connect from a host with OpenSSL installed, use:
<pre>
<pre>
openssl s_client -cert my.crt -key my.key -connect host:sslport (Don't use a + in front of the port here, just the number)
openssl s_client -cert my.crt -key my.key -connect host:sslport
</pre>
</pre>
(Don't use a + in front of the port here, just the number)

Latest revision as of 21:09, 9 July 2023

Create a TLS Listen Port

To connect to the partyline using TLS, you must first ensure you created a listening port that uses TLS (in the config). This is done by specifying a '+' in front of the port specified in the config.

listen 1.2.3.4 +4444 all

Create TLS certificates

Next, you must ensure you have TLS certificates to use. If you don't have a pair already, you can generate self-signed certificates from a terminal by running:

openssl req -new -x509 -nodes -keyout my.key -out my.crt

Connect with TLS

Then, you must use a client capable of TLS connections (No, telnet is not one of them!) A common method is using the OpenSSL 'sclient' program. To connect from a host with OpenSSL installed, use:

openssl s_client -cert my.crt -key my.key -connect host:sslport

(Don't use a + in front of the port here, just the number)