[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Pan-devel] at af30a8b is closer: seems AW works, but not GN nor Gmane
From: |
SciFi |
Subject: |
[Pan-devel] at af30a8b is closer: seems AW works, but not GN nor Gmane (Re: ANN: SSL Support)) |
Date: |
Thu, 10 Nov 2011 21:45:57 +0000 (UTC) |
User-agent: |
Pan/0.135 (Tomorrow I'll Wake Up and Scald Myself with Tea; GIT af30a8b (github.com/judgefudge/pan2/master); x86_64-apple-darwin10.8.0; gcc-4.2.1 (Apple build 5666 (dot 3)); 32-bit mode) |
Hi,
I am now at your GIT af30a8b master.
I ran three separate tests:
1 - gn+aw (but aw=0, effectively only gn)
2 - aw-only
3 - gmane
-*- 1. -*-
I configured the gn & aw servers for their SSL connections etc.
But I put the #-sessions for aw to '0' to use only gn this time.
I made sure the $PAN_HOME/ssl_certs subdir was empty for this setup.
Then started Pan. Here is what I did & saw on terminal/console:
>>>>
$ pan
[…I added a "Refresh Group List" to the queue,
then put Pan on-line…
…1 item is showing in the queue…]
/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
/C=US/O=GeoTrust Inc./OU=Domain Validated SSL/CN=GeoTrust DV SSL CA
[…meaning I got only one cert panel for gn,
I clicked the 'Apply' button on it…]
[…waited a bit…]
[…nothing else happening,
with 1 item still showing in the queue
and "No Connections"…]
[Ctrl+Q]
$ ls -al $PAN_HOME/ssl_certs
total 4
drwxr-xr-x 2 scifi staff 102 Nov 10 12:18 .
drwxr-xr-x 7 scifi staff 1020 Nov 10 12:19 ..
-rw------- 1 scifi staff 1440 Nov 10 12:18 news.giganews.com.pem
[…nothing for aw this time of course…]
<<<<
The Event Log for this session said same thing as before,
>>>>
[date-time] Succesfully added 1 SSL PEM certificate(s) to Certificate Store.
[date-time] Error adding certificate of server 'news.giganews.com' to
Certificate Store
<<<<
yes both msgs despite the new file shown
(which looks okay to me i.e. a proper PEM file AFAICT). ;)
-*- 2. -*-
I have an aw-only setup also here.
It seems to work with your GIT af30a8b master.
(PAN_HOME is set to a different place than above)
I made sure the $PAN_HOME/ssl_certs subdir was empty for this setup.
>>>>
$ pan
[…added a "Refresh Group List" item to the queue,
then put Pan on-line…]
/L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 2 Policy
Validation Authority/CN=http://www.valicert.com//address@hidden
/L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 2 Policy
Validation Authority/CN=http://www.valicert.com//address@hidden
[…I think the cert/Apply panel only showed once…]
[…it then did run the "Refresh Group List"
and also I fetched new-headers for the subscribed groups
and I could actually see/read some text posts
etc…]
[Ctrl+Q]
$ ls -al $PAN_HOME/ssl_certs
total 4
drwxr-xr-x 2 scifi staff 102 Nov 10 12:48 .
drwxr-xr-x 5 scifi staff 680 Nov 10 12:51 ..
-rw------- 1 scifi staff 1066 Nov 10 12:48 ssl.astraweb.com.pem
<<<<
And there are no errors shown in this Event Log.
Later I set the aw servers to use specifically
- ssl-us.astraweb.com (primary)
- ssl-eu.astraweb.com (fallback)
and had these fetch new-headers etc.
but it still has the single PEM file there.
-*- 3. -*-
Now the test with gmane ssl.
Completely separate PAN_HOME again.
No worky.
Its $PAN_HOME/ssl_certs subdir empty.
>>>>
$ pan
[…added a "Refresh Group List",
shows 1 item in the queue…]
/C=NO/ST=Some-State/L=Oslo/O=Gmane/CN=news.gmane.org/address@hidden
/C=NO/ST=Some-State/L=Oslo/O=Gmane/CN=news.gmane.org/address@hidden
/C=NO/ST=Some-State/L=Oslo/O=Gmane/CN=news.gmane.org/address@hidden
/C=NO/ST=Some-State/L=Oslo/O=Gmane/CN=news.gmane.org/address@hidden
[…it presented the gmane cert twice (not four),
clicked 'Apply' on them…]
[…waited a bit…]
[…nothing further,
still 1 item in the queue
and "No Connections"…]
[…saved the Event Log…]
[Ctrl+Q]
<<<<
There is a PEM stored:
>>>>
$ ls -al $PAN_HOME/ssl*
total 4
drwxr-xr-x 2 scifi admin 102 Nov 10 13:04 .
drwxr-xr-x 8 scifi admin 782 Nov 10 13:05 ..
-rw------- 1 scifi admin 1208 Nov 10 13:04 80.91.229.10.pem
<<<<
The Event Log only shows this one error:
>>>>
[date-time] Error adding certificate of server '80.91.229.10' to Certificate
Store
<<<<
however no "Successful" line at all was recorded there.
-*- epilogue -*-
I ran each test separately,
no multiple Pan tasks this time.
I guess I'll await further instructions from you. ;)
Meanwhile I will use plaintext modes
and/or use stunnel (admittedly not so fast anymore).
- Re: [Pan-devel] ANN: SSL Support, Domain Admin, 2011/11/03
- Re: [Pan-devel] ANN: SSL Support, Heinrich Mueller, 2011/11/04
- Re: [Pan-devel] ANN: SSL Support, Heinrich Müller, 2011/11/07
- Re: [Pan-devel] ANN: SSL Support, Darren A, 2011/11/07
- Re: [Pan-devel] ANN: SSL Support, SciFi, 2011/11/08
- Re: [Pan-devel] ANN: SSL Support, Heinrich Müller, 2011/11/09
- [Pan-devel] at bb11b8e now: no crash, but still no cigar (Re: ANN: SSL Support), SciFi, 2011/11/09
- Re: [Pan-devel] at bb11b8e now: no crash, but still no cigar (Re: ANN: SSL Support), Heinrich Müller, 2011/11/10
- [Pan-devel] at af30a8b is closer: seems AW works, but not GN nor Gmane (Re: ANN: SSL Support)),
SciFi <=
- Re: [Pan-devel] at af30a8b is closer: seems AW works, but not GN nor Gmane (Re: ANN: SSL Support)), Duncan, 2011/11/11
- Re: [Pan-devel] at af30a8b is closer: seems AW works, but not GN nor Gmane (Re: ANN: SSL Support)), Heinrich Mueller, 2011/11/11
- Re: [Pan-devel] at af30a8b is closer: seems AW works, but not GN nor Gmane (Re: ANN: SSL Support)), Heinrich Müller, 2011/11/11
- [Pan-devel] at b2069b3 now -- I think I figured-out one little thing (Re: ANN: SSL Support)), SciFi, 2011/11/11
- Re: [Pan-devel] at b2069b3 now -- I think I figured-out one little thing (Re: ANN: SSL Support)), Heinrich Mueller, 2011/11/11
- Re: [Pan-devel] at b2069b3 now -- I think I figured-out one little thing (Re: ANN: SSL Support)), SciFi, 2011/11/11
- Re: [Pan-devel] at b2069b3 now -- I think I figured-out one little thing (Re: ANN: SSL Support)), SciFi, 2011/11/11
- Re: [Pan-devel] at b2069b3 now -- I think I figured-out one little thing (Re: ANN: SSL Support)), Heinrich Mueller, 2011/11/12
- Re: [Pan-devel] at b2069b3 now -- I think I figured-out one little thing (Re: ANN: SSL Support)), Heinrich Mueller, 2011/11/12
- [Pan-devel] at GIT 6ffb80b still the same here: seems AW works, but not GN nor Gmane (Re: ANN: SSL Support)), SciFi, 2011/11/16