1. Forum
  2. DOVE-Net
  3. Synchronet Sysops

  • letsencrypt

    From Geo@VERT/DUNGEON to All on Tue Apr 14 16:20:56 2020
    Hi All,

    My https on the classic syncronet web interface has suddenly stopped working.

    I am getting the following when the web server starts up.

    web ERROR 'Couldn't import the session key used to protect the pr
    ivate key' (-22) getting private key

    and yet I ave not touched anoything that is associated with it?

    Can anyone tell me more about what this error means?

    My Syncrypt timed even runs as normal with return code of 0

    So I don't see what changed.

    Thanks for any help. 8-)
    Regards..Geo
    ooooOOOOoooo

    ---
    þ Synchronet þ The Dungeon BBS - Risen from the Ashes! - Canberra, Australia. http://bbs.barnab
  • From Digital Man@VERT to Geo on Wed Apr 15 00:59:32 2020
    Re: letsencrypt
    By: Geo to All on Tue Apr 14 2020 11:20 am

    Hi All,

    My https on the classic syncronet web interface has suddenly stopped working.

    I am getting the following when the web server starts up.

    web ERROR 'Couldn't import the session key used to protect the pr
    ivate key' (-22) getting private key

    and yet I ave not touched anoything that is associated with it?

    Can anyone tell me more about what this error means?

    My Syncrypt timed even runs as normal with return code of 0

    So I don't see what changed.

    Change your system password maybe?

    http://wiki.synchro.net/faq:tcpip#ssh_session_key

    Sounds like the same issue.

    digital man

    Synchronet/BBS Terminology Definition #88:
    XSDK = Synchronet External Program Software Development Kit for C/C++
    Norco, CA WX: 69.8øF, 31.0% humidity, 2 mph ESE wind, 0.00 inches rain/24hrs

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Geo@VERT/DUNGEON to Digital Man on Fri Apr 17 00:55:07 2020
    Hi DM,

    Thanks for that, I moved the files and restarted.

    Now slightly different issue 8-)

    Now I get SSL errors because the certificates it creates when it booted back up
    are self signed.

    Running letsyncrypt.js does not seem to fix it.

    Any further thoughts on how to get back to using letsyncrypt to apply real certificates.

    I hate SSL stuff it just messes with my mind.

    8-/




    Re: letsencrypt
    By: Geo to All on Tue Apr 14 2020 11:20 am

    Hi All,

    My https on the classic syncronet web interface has suddenly stopped working.

    I am getting the following when the web server starts up.

    web ERROR 'Couldn't import the session key used to protect the pr
    ivate key' (-22) getting private key

    and yet I ave not touched anoything that is associated with it?

    Can anyone tell me more about what this error means?

    My Syncrypt timed even runs as normal with return code of 0

    So I don't see what changed.

    Change your system password maybe?

    http://wiki.synchro.net/faq:tcpip#ssh_session_key

    Sounds like the same issue.

    digital man

    Synchronet/BBS Terminology Definition #88:
    XSDK = Synchronet External Program Software Development Kit for C/C++
    Norco, CA WX: 69.8øF, 31.0% humidity, 2 mph ESE wind, 0.00 inches rain/24hrs

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
    Regards..Geo
    ooooOOOOoooo

    ---
    þ Synchronet þ The Dungeon BBS - Risen from the Ashes! - Canberra, Australia. http://bbs.barnab
  • From mark lewis@VERT to Geo on Fri Apr 17 12:14:44 2020
    Re: Re: letsencrypt
    By: Geo to Digital Man on Thu Apr 16 2020 19:55:07


    Thanks for that, I moved the files and restarted.

    Now slightly different issue 8-)

    Now I get SSL errors because the certificates it creates when
    it booted back up are self signed.

    you need to have the letsyncrypt certs in place, first or sbbs will generate self-signed certs...

    Running letsyncrypt.js does not seem to fix it.

    1. how are you running letsyncrypt.js?

    2. is your sbbs web server running on the standard port 80?

    3. are you trying to get a cert for one domain or more than one?

    4. are you starting with a clean letsyncrypt.ini file? i started mine with a single line in it...

    TOSAgreed=true

    without the leading spaces i have here for clarity... i had nothing else in the
    file at all...

    5. what output are you seeing when you run letsyncrypt.js?

    6. what output are you seeing then the letsyncrypt event runs?


    )\/(ark
    --- SBBSecho 3.10-Linux
    * Origin: SouthEast Star Mail HUB - SESTAR (1:3634/12)
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Geo@VERT/DUNGEON to mark lewis on Mon Apr 20 17:45:00 2020
    Hi Mark,

    Thanks heaps for those hints 8-)

    I removed the lot and just had the 1 line ini file and that got me working for 1
    domain.

    The I added the other domains to the file and re-ran letsyncrypt, now they all work
    again 8-)

    Thanks Heaps. 8-)


    Re: Re: letsencrypt
    By: Geo to Digital Man on Thu Apr 16 2020 19:55:07


    Thanks for that, I moved the files and restarted.

    Now slightly different issue 8-)

    Now I get SSL errors because the certificates it creates when
    it booted back up are self signed.

    you need to have the letsyncrypt certs in place, first or sbbs will generate self-signed certs...

    Running letsyncrypt.js does not seem to fix it.

    1. how are you running letsyncrypt.js?

    2. is your sbbs web server running on the standard port 80?

    3. are you trying to get a cert for one domain or more than one?

    4. are you starting with a clean letsyncrypt.ini file? i started mine with a single line in it...

    TOSAgreed=true

    without the leading spaces i have here for clarity... i had nothing else in the
    file at all...

    5. what output are you seeing when you run letsyncrypt.js?

    6. what output are you seeing then the letsyncrypt event runs?


    )\/(ark
    --- SBBSecho 3.10-Linux
    * Origin: SouthEast Star Mail HUB - SESTAR (1:3634/12)
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
    Regards..Geo
    ooooOOOOoooo

    ---
    þ Synchronet þ The Dungeon BBS - Risen from the Ashes! - Canberra, Australia. http://bbs.barnab
  • From Rampage@VERT/SESTAR to Geo on Tue Apr 21 13:37:42 2020
    Re: Re: letsencrypt
    By: Geo to mark lewis on Mon Apr 20 2020 12:45:00


    Thanks heaps for those hints 8-)

    you're quite welcome :)

    I removed the lot and just had the 1 line ini file and that got me working for 1
    domain.

    excellent...

    The I added the other domains to the file and re-ran letsyncrypt, now they all
    work again 8-)

    noice!

    i'm curious how you added them... at one time i had several domains but i had to drop them for various reasons... i've been considering to run them again but... i do have a wildcard domain set up so i can easily run subdomains but there's a few things i'm still mulling over...

    Thanks Heaps. 8-)

    i'm glad to have been of assistance :)


    )\/(ark

    ---
    þ Synchronet þ The SouthEast Star Mail HUB - SESTAR
  • From Geo@VERT/DUNGEON to Rampage on Sat Apr 25 16:15:25 2020
    Re: Re: letsencrypt
    By: Rampage to Geo on Tue Apr 21 2020 08:37:42

    Hiya

    i'm curious how you added them... at one time i had several domains but i had to drop them for various
    reasons... i've been considering to run them again but... i do have a wildcard domain set up so i can easily
    run subdomains but there's a few things i'm still mulling over...

    Thanks Heaps. 8-)

    i'm glad to have been of assistance :)


    )\/(ark


    I just added the 3 lines for the varios domain names of my bbs, with the same doc root. It added them to the cert so now https to any of them doesn't throw an error.

    8-)


    Regards..Geo
    ooooOOOOoooo

    ---
    þ Synchronet þ The Dungeon BBS - Risen from the Ashes! - Canberra, Australia. http://bbs.barnab
  • From Geo@VERT/DUNGEON to All on Thu Dec 23 19:05:08 2021
    Hi Gang,

    I'm looking for a bit of advice.

    Whilst I was away, my letsencrypt sert expired and I don't seem to be able to get hold of a replacement.


    I get the following error.

    sbbs@Manifold3:~$ jsexec ../exec/letsyncrypt.js

    JSexec v3.19a-Linux dungeon1/aac64b9 Debug - Execute Synchronet JavaScript Module
    Compiled Sep 10 2021 15:45:10 with GCC 4.8.5

    Loading configuration files from /sbbs/ctrl/
    JavaScript-C 1.8.5 2011-03-31
    JavaScript: Creating runtime: 16777216 bytes

    Reading script from /sbbs/mods/../exec/letsyncrypt.js /sbbs/mods/../exec/letsyncrypt.js compiled in 0.01 seconds
    !JavaScript : uncaught exception: Authorization failed... https://acme-v02.api.letsencrypt.org/acme/authz-v3/61080835020
    /sbbs/mods/../exec/letsyncrypt.js executed in 6.98 seconds
    !Module (../exec/letsyncrypt.js) set exit_code: 1

    JavaScript: Destroying context
    JavaScript: Destroying runtime

    Returning error code: 1

    I've tried -force and -revoke. Event tried putting the .ini back to "as if it had not run first time" and still get errors.

    Can anyone give me some pointers on how to get it working again?


    Thanks heaps 8-)

    ---
    þ Synchronet þ The Dungeon BBS - Risen from the Ashes! - Canberra, Australia. http://bbs.barnab
  • From Digital Man@VERT to Geo on Thu Dec 23 04:16:39 2021
    Re: letsencrypt
    By: Geo to All on Thu Dec 23 2021 11:05 am

    Hi Gang,

    I'm looking for a bit of advice.

    Whilst I was away, my letsencrypt sert expired and I don't seem to be able to get hold of a replacement.


    I get the following error.

    sbbs@Manifold3:~$ jsexec ../exec/letsyncrypt.js

    JSexec v3.19a-Linux dungeon1/aac64b9 Debug - Execute Synchronet JavaScript Module
    Compiled Sep 10 2021 15:45:10 with GCC 4.8.5

    Loading configuration files from /sbbs/ctrl/
    JavaScript-C 1.8.5 2011-03-31
    JavaScript: Creating runtime: 16777216 bytes

    Reading script from /sbbs/mods/../exec/letsyncrypt.js /sbbs/mods/../exec/letsyncrypt.js compiled in 0.01 seconds
    !JavaScript : uncaught exception: Authorization failed... https://acme-v02.api.letsencrypt.org/acme/authz-v3/61080835020

    If you look at the link, you'll see a detailed error:

    "detail": "Invalid response from http://dungeon.barnabasmusic.com/.well-known/acme-challenge/EVnOq82qksnvhLAnYSRkQnSgf7Xwh9-fAy5HOlEAE9s [59.167.142.49]: \"\u003chtml\u003e\\n\u003chead\u003e\\n\u003c!-- $Id: 404.html,v 1.4 2010/02/22 23:03:25 rswindell Exp $ --\u003e\\n\u003ctitle\u003e404 File not found!\u003c/title\u003e\\n\u003cbody\u003e\\nNo reso\"",

    /sbbs/mods/../exec/letsyncrypt.js executed in 6.98 seconds
    !Module (../exec/letsyncrypt.js) set exit_code: 1

    JavaScript: Destroying context
    JavaScript: Destroying runtime

    Returning error code: 1

    I've tried -force and -revoke. Event tried putting the .ini back to "as if it had not run first time" and still get errors.

    Can anyone give me some pointers on how to get it working again?

    Sounds like the [Domains] section of your ctrl/letsyncrpt.ini file has missing or incorrect paths to your web/root dir.
    --
    digital man (rob)

    Synchronet/BBS Terminology Definition #72:
    SMTP = Simple Message Transfer Protocol
    Norco, CA WX: 58.2øF, 51.0% humidity, 3 mph ENE wind, 0.00 inches rain/24hrs ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Geo@VERT/DUNGEON to Digital Man on Fri Dec 31 21:39:51 2021
    Re: letsencrypt
    By: Digital Man to Geo on Wed Dec 22 2021 20:16:39

    Hi DM,

    Yep That fixed it. Thx heaps.

    I have no idea why it had reverted to pointing to the old web dir. I had it running from webv4 for months now.

    Thanks again.

    8-)





    Sounds like the [Domains] section of your ctrl/letsyncrpt.ini file has missing or incorrect paths to your
    web/root dir.

    ---
    þ Synchronet þ The Dungeon BBS - Risen from the Ashes! - Canberra, Australia. http://bbs.barnab