• Use "Real" SSL Certificate

    From dragon@1:103/705 to DOVE-Net.Synchronet_Discussion on Fri Oct 4 19:23:02 2024
    To: DOVE-Net.Synchronet_Discussion
    Subject: Use "Real" SSL Certificate
    @MSGID: <670078E8.43330.dove-syncdisc@bbs2.ipingthereforeiam.com>
    @TZ: ff10
    I have a certificate issued by a certificate authority. I would like to
    use it with the Synchronet web service. How do I go about it?

    ---
    þ Synchronet þ IPTIA - bbs2.ipingthereforeiam.com:2323
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Digital Man@1:103/705 to dragon on Fri Oct 4 23:35:16 2024
    Re: Use "Real" SSL Certificate
    By: dragon to DOVE-Net.Synchronet_Discussion on Fri Oct 04 2024 07:23 pm

    I have a certificate issued by a certificate authority. I would like to
    use it with the Synchronet web service. How do I go about it?

    Check-out: https://wiki.synchro.net/module:certtool
    --
    digital man (rob)

    This Is Spinal Tap quote #20:
    Well, I'm sure I'd feel much worse if I weren't under such heavy sedation. Norco, CA WX: 67.1øF, 80.0% humidity, 1 mph WNW wind, 0.00 inches rain/24hrs --- SBBSecho 3.20-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From dragon@1:103/705 to Digital Man on Wed Oct 9 23:21:16 2024
    Subject: Re: Use "Real" SSL Certificate
    @MSGID: <67074845.43368.dove-syncdisc@bbs2.ipingthereforeiam.com>
    @REPLY: <6700DE24.52672.sync@vert.synchro.net>
    @TZ: ff10
    On 10/5/2024 02:35, Digital Man wrote:
    Re: Use "Real" SSL Certificate
    By: dragon to DOVE-Net.Synchronet_Discussion on Fri Oct 04 2024 07:23 pm

    > I have a certificate issued by a certificate authority. I would like to
    > use it with the Synchronet web service. How do I go about it?

    Check-out: https://wiki.synchro.net/module:certtool

    Took me a minute to find out that .p12 and .pfx are the same. I'll give
    it a try.

    ---
    þ Synchronet þ IPTIA - bbs2.ipingthereforeiam.com:2323
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From dragon@1:103/705 to Digital Man on Thu Oct 10 19:11:40 2024
    Subject: Re: Use "Real" SSL Certificate
    @MSGID: <67085F47.43377.dove-syncdisc@bbs2.ipingthereforeiam.com>
    @REPLY: <6700DE24.52672.sync@vert.synchro.net>
    @TZ: ff10
    On 10/5/2024 02:35, Digital Man wrote:
    Re: Use "Real" SSL Certificate
    By: dragon to DOVE-Net.Synchronet_Discussion on Fri Oct 04 2024 07:23 pm

    > I have a certificate issued by a certificate authority. I would like to
    > use it with the Synchronet web service. How do I go about it?

    Check-out: https://wiki.synchro.net/module:certtool

    OK, here's what I got:

    [C:\sbbs\exec]jsexec certool.js --import wildcard_ipingthereforeiam_com.p12

    JSexec v3.17c-Win32 (rev 1.210) - Execute Synchronet JavaScript Module
    Compiled Oct 8 2019 05:04:30 with MSC 1922

    Loading configuration files from C:\sbbs\ctrl
    JavaScript-C 1.8.5 2011-03-31
    JavaScript: Creating runtime: 8388608 bytes
    JavaScript: Initializing context (stack: 16384 bytes)

    !Module file (C:\sbbs\exec\certool.js) doesn't exist
    !Module (certool.js) set exit_code: -1

    JavaScript: Destroying context
    JavaScript: Destroying runtime

    Returning error code: -1


    What did I do wrong?

    ---
    þ Synchronet þ IPTIA - bbs2.ipingthereforeiam.com:2323
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Digital Man@1:103/705 to dragon on Thu Oct 10 18:57:42 2024
    Re: Re: Use "Real" SSL Certificate
    By: dragon to Digital Man on Thu Oct 10 2024 07:11 pm

    !Module file (C:\sbbs\exec\certool.js) doesn't exist

    What did I do wrong?

    You mispelled "certtool":

    dir sbbs\exec\cert*.js
    Volume in drive C is System
    Volume Serial Number is 4AF8-E14C

    Directory of C:\sbbs\exec

    09/25/2023 11:54 PM 3,534 certtool.js
    --
    digital man (rob)

    Sling Blade quote #20:
    Doyle: Hey is this the kind of retard that drools and rubs shit in his hair? Norco, CA WX: 76.2øF, 48.0% humidity, 4 mph NW wind, 0.00 inches rain/24hrs
    --- SBBSecho 3.20-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From dragon@1:103/705 to Digital Man on Fri Oct 11 12:44:36 2024
    Subject: Re: Use "Real" SSL Certificate
    @MSGID: <6709560F.43397.dove-syncdisc@bbs2.ipingthereforeiam.com>
    @REPLY: <67088617.52719.sync@vert.synchro.net>
    @TZ: ff10
    On 10/10/2024 21:57, Digital Man wrote:
    You mispelled "certtool":

    So I did. Derp.

    So I ran:

    [C:\sbbs\exec]jsexec certtool --import wildcard_ipingthereforeiam_com.p12

    JSexec v3.17c-Win32 (rev 1.210) - Execute Synchronet JavaScript Module
    Compiled Oct 8 2019 05:04:30 with MSC 1922

    Loading configuration files from C:\sbbs\ctrl
    JavaScript-C 1.8.5 2011-03-31
    JavaScript: Creating runtime: 8388608 bytes
    JavaScript: Initializing context (stack: 16384 bytes)

    Reading script from C:\sbbs\exec\certtool.js
    !JavaScript C:\sbbs\exec\certtool.js line 100: SyntaxError:
    unterminated string literal
    !Error compiling script from C:\sbbs\exec\certtool.js
    !Module (certtool) set exit_code: -1

    JavaScript: Destroying context
    JavaScript: Destroying runtime

    Returning error code: -1


    sure enough, line 100 was:

    print("Certificate imported, delete "+csr_fname+" after verifying.);

    so I corrected the missing quote and ran again:

    [C:\sbbs\exec]jsexec certtool --import wildcard_ipingthereforeiam_com.p12

    JSexec v3.17c-Win32 (rev 1.210) - Execute Synchronet JavaScript Module
    Compiled Oct 8 2019 05:04:30 with MSC 1922

    Loading configuration files from C:\sbbs\ctrl
    JavaScript-C 1.8.5 2011-03-31
    JavaScript: Creating runtime: 8388608 bytes
    JavaScript: Initializing context (stack: 16384 bytes)

    Reading script from C:\sbbs\exec\certtool.js
    C:\sbbs\exec\certtool.js compiled in 0.00 seconds
    !JavaScript C:\sbbs\exec\certtool.js line 72: Error: CryptLib error -43 C:\sbbs\exec\certtool.js executed in 0.26 seconds
    !Module (certtool) set exit_code: 1

    JavaScript: Destroying context
    JavaScript: Destroying runtime

    Returning error code: 1

    Now what?

    Sorry to be a pain.

    Is this another matter of my old version 3.16 not working, I wonder.

    ---
    þ Synchronet þ IPTIA - bbs2.ipingthereforeiam.com:2323
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Digital Man@1:103/705 to dragon on Fri Oct 11 12:22:56 2024
    Re: Re: Use "Real" SSL Certificate
    By: dragon to Digital Man on Fri Oct 11 2024 12:44 pm

    Is this another matter of my old version 3.16 not working, I wonder.

    Or v3.17, but yeah, that could be it. Certainly you had an old revision of certtool.js, but everything else would be old too.
    --
    digital man (rob)

    Synchronet/BBS Terminology Definition #20:
    DCE = Data Communications Equipment (or Deuce, Stephen Hurd)
    Norco, CA WX: 86.7øF, 26.0% humidity, 2 mph W wind, 0.00 inches rain/24hrs
    --- SBBSecho 3.20-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From dragon@1:103/705 to Digital Man on Sun Oct 13 23:01:08 2024
    Subject: Re: Use "Real" SSL Certificate
    @MSGID: <670C8991.43438.dove-syncdisc@bbs2.ipingthereforeiam.com>
    @REPLY: <67097B11.52740.sync@vert.synchro.net>
    @TZ: ff10
    On 10/11/2024 15:22, Digital Man wrote:
    Re: Re: Use "Real" SSL Certificate
    By: dragon to Digital Man on Fri Oct 11 2024 12:44 pm

    > Is this another matter of my old version 3.16 not working, I wonder.

    Or v3.17, but yeah, that could be it. Certainly you had an old revision of certtool.js, but everything else would be old too.

    The only thing "new" here is my certificate file.

    I know you don't want to bother with this older version, but did the
    certtool import work back when 3.16 was current?

    ---
    þ Synchronet þ IPTIA - bbs2.ipingthereforeiam.com:2323
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From dragon@1:103/705 to Digital Man on Sun Oct 13 23:23:20 2024
    Subject: Re: Use "Real" SSL Certificate
    @MSGID: <670C8EC7.43439.dove-syncdisc@bbs2.ipingthereforeiam.com>
    @REPLY: <67097B11.52740.sync@vert.synchro.net>
    @TZ: ff10
    On 10/11/2024 15:22, Digital Man wrote:
    Re: Re: Use "Real" SSL Certificate
    By: dragon to Digital Man on Fri Oct 11 2024 12:44 pm

    > Is this another matter of my old version 3.16 not working, I wonder.

    Or v3.17, but yeah, that could be it. Certainly you had an old revision of certtool.js, but everything else would be old too.

    So I did a clean install of 3.19 on a spare machine. Same error.

    [C:\sbbs\exec]jsexec certtool --import wildcard_ipingthereforeiam_com.p12

    JSexec v3.19b-Win32 master/a2a9dc027 - Execute Synchronet JavaScript Module Compiled Jan 2 2022 16:02:08 with MSC 1928

    Loading configuration files from C:\sbbs\ctrl
    JavaScript-C 1.8.5 2011-03-31
    JavaScript: Creating runtime: 8388608 bytes

    Reading script from C:\sbbs\exec\certtool.js
    C:\sbbs\exec\certtool.js compiled in 0.00 seconds
    !JavaScript C:\sbbs\exec\certtool.js line 72: Error: CryptLib error -43 C:\sbbs\exec\certtool.js executed in 0.08 seconds
    !Module (certtool) set exit_code: 1

    JavaScript: Destroying context
    JavaScript: Destroying runtime

    Returning error code: 1

    [C:\sbbs\exec]

    My guess is that the pfx file I got from Sectigo is not in fact the same
    as a p12 file as stated in several places online.

    ---
    þ Synchronet þ IPTIA - bbs2.ipingthereforeiam.com:2323
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Digital Man@1:103/705 to dragon on Mon Oct 14 17:06:00 2024
    Re: Re: Use "Real" SSL Certificate
    By: dragon to Digital Man on Sun Oct 13 2024 11:01 pm

    Or v3.17, but yeah, that could be it. Certainly you had an old revision of certtool.js, but everything else would be old too.

    The only thing "new" here is my certificate file.

    I know you don't want to bother with this older version, but did the certtool import work back when 3.16 was current?

    According to your message's PID, you're running SBBS v3.17.

    According to git, certtool.js was created Feb-28-2018 when Synchronet v3.16c was the current release (from 2015). That said, it likely required the current development build of SBBS (v3.17a) to work at that time. So I'd expect it to work with v3.17, but I didn't write it and have never used it myself.
    --
    digital man (rob)

    Breaking Bad quote #20:
    So who's your chief, little injun? - Hank Schrader
    Norco, CA WX: 73.1øF, 58.0% humidity, 10 mph SW wind, 0.00 inches rain/24hrs --- SBBSecho 3.20-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)