To create new wiki account, please join us on #znc at Libera.Chat and ask admins to create a wiki account for you. You can say thanks to spambots for this inconvenience.

Cert: Difference between revisions

From ZNC
Jump to navigation Jump to search
>Mkaysi
→‎Generating a certificate: As Certauth used to link to OFTC which used 10 years as expiry date, do that here too.
>Mkaysi
m →‎Generating a certificate: Fix previous edit
Line 22: Line 22:
This command would produce a 2048-bit certificate which would expire in 3650 days. You can modify the arguments to openssl to change this. znc.pem is the certificate you will need to add to ZNC.
This command would produce a 2048-bit certificate which would expire in 3650 days. You can modify the arguments to openssl to change this. znc.pem is the certificate you will need to add to ZNC.


<pre>openssl req -nodes -newkey rsa:2048 -keyout znc.pem -x509 -days 365 -out znc.pem\
<pre>openssl req -nodes -newkey rsa:2048 -keyout znc.pem -x509 -days 3650 -out znc.pem\
  -subj "/CN=YourNickname"</pre>
  -subj "/CN=YourNickname"</pre>



Revision as of 16:05, 5 June 2014


This module lets users use their own SSL certificate to connect to a server, such as CertFP.

You will have to generate a SSL certificate to use with this module and either place it at `~/.znc/users/<user>/networks/<network>/moddata/cert/user.pem` or use the web interface to upload the certificate.

Arguments

This user/network module takes no arguments.

Read loading modules to learn more about loading modules.

Commands

+---------+-----------+--------------------------------+
| Command | Arguments | Description                    |
+---------+-----------+--------------------------------+
| Help    |           | Generate this output           |
| delete  |           | Delete the current certificate |
| info    |           |                                |
+---------+-----------+--------------------------------+

Generating a certificate

You can use the following openssl commands to generate a certificate

This command would produce a 2048-bit certificate which would expire in 3650 days. You can modify the arguments to openssl to change this. znc.pem is the certificate you will need to add to ZNC.

openssl req -nodes -newkey rsa:2048 -keyout znc.pem -x509 -days 3650 -out znc.pem\
 -subj "/CN=YourNickname"


Enter this to get the fingerprint:

openssl x509 -sha1 -noout -fingerprint -in znc.pem | sed -e 's/^.*=//;s/://g;y/ABCDEF/abcdef/'

Add the fingerprint to your NickServ account:

/msg NickServ cert add fingerprint

Now move the cert your folder:

mv znc.pem ~/.znc/users/<user>/networks/<network>/moddata/cert/user.pem