1. Forum
  2. Fido
  3. SYNCHRONET

  • Installing manually obtained let's encrypt certificate

    From Dumas Walker@1:103/705 to Digital Man on Sat Feb 14 14:55:10 2026
    Since letsyncrypt isn't working here and the irc is down, I decided to figure out how to get the cert on my own.

    Let's Encrypt has a nice bit of software that installed easily and works just fine. I can apparently set it up with cron to run when I need it to. It created certificates without any issue. The problem now is that I cannot figure out where synchronet expects to find these certificates (aside from the self-signed one). There is some nice documentation on the wiki for importing these into Hiawatha, but not any on getting the synchronet webserver to find or import them.

    There is an entry about using something called certtool but that utility is old and appears broken so I hope that isn't the answer.

    ./jsexec certtool --import /etc/letsencrypt/live/capitolcityonline.net/fullchain.pem

    Throws a cryptlib error -43.

    Thanks!
    ---
    þ Synchronet þ CAPCITY2 * Capitol City Online
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Digital Man@1:103/705 to Dumas Walker on Sat Feb 14 18:54:10 2026
    Re: Installing manually obtained let's encrypt certificate
    By: Dumas Walker to Digital Man on Sat Feb 14 2026 02:55 pm

    Since letsyncrypt isn't working here and the irc is down, I decided to figure out how to get the cert on my own.

    IRC is working fine. I'm on it right now.
    --
    digital man (rob)

    Rush quote #61:
    He's a rebel and a runner, he's a signal turning green .. New World Man
    Norco, CA WX: 56.4øF, 81.0% humidity, 3 mph WNW wind, 0.00 inches rain/24hrs --- SBBSecho 3.37-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Digital Man@1:103/705 to Dumas Walker on Sat Feb 14 19:00:20 2026
    Re: Installing manually obtained let's encrypt certificate
    By: Dumas Walker to Digital Man on Sat Feb 14 2026 02:55 pm

    Since letsyncrypt isn't working here and the irc is down, I decided to figure out how to get the cert on my own.

    Let's Encrypt has a nice bit of software that installed easily and works just fine. I can apparently set it up with cron to run when I need it to.
    It created certificates without any issue. The problem now is that I cannot figure out where synchronet expects to find these certificates (aside from the self-signed one).

    The filename and location is the same, whether it self-signed or signed by a CA (e.g. letsyncrypt), it's ctrl/ssl.cert: https://wiki.synchro.net/config:ssl.cert

    There is an entry about using something called certtool but that utility is old and appears broken so I hope that isn't the answer.

    ./jsexec certtool --import /etc/letsencrypt/live/capitolcityonline.net/fullchain.pem

    Throws a cryptlib error -43.

    ../../3rdp_src/cl/cryptlib.h:#define CRYPT_ERROR_NOTFOUND ( -43 ) /* Requested item not found in object */

    Most likely, it just doesn't support the format of the .pem file.

    I think the --import option expects a pkcs7 certificate, while
    the --import-pkcs12 option expects a pkcs12 certificate.

    The utility works for those that know how to work it.
    --
    digital man (rob)

    Breaking Bad quote #25:
    Now if I could only learn how to lick myself. - Hank Schrader
    Norco, CA WX: 56.4øF, 81.0% humidity, 3 mph WNW wind, 0.00 inches rain/24hrs --- SBBSecho 3.37-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)