search for: forcessl

...he mailing-list, I have done some tests with nut trunk and - if my config is not too bad - I think ther is a bug with server certificate verification. With a clean trunk checkout, compile and installation; and with the following config : upsmon.conf: CERTPATH /usr/local/ups/etc/cert/ CERTVERIFY 1 FORCESSL 1 Upsd.conf: CERTFILE /usr/local/ups/etc/upsd1.pem And /usr/local/ups/etc/cert/ is empty (no file). When I start upsd and upsmon, there is a valid SSL connection between them. So, do I misunderstand CERTVERIFY directive ? Or is there a bug ? Can you reproduce such behaviour ? BR, Emilien ----...

...pt 0pt 0pt 0.8ex; borde= r-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;"> With a clean trunk checkout, compile and installation; and with the<br> following config :<br> <br> upsmon.conf:<br> CERTPATH /usr/local/ups/etc/cert/<br> CERTVERIFY 1<br> FORCESSL 1<br> </blockquote> <br></div> First off, you&#39;re not supposed to use both CERTVERIFY and FORCESSL. FOR= CESSL is intended to be used in cases you can&#39;t verify the validity of = a certificate, but still want to enforce the use of any presented. See the = &...

...;allow,deny', ); /* End of servers configuration */ $cfg['blowfish_secret'] = '4c74332d81b5c0.29678885'; $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; $cfg['DefaultLang'] = 'en-utf-8'; $cfg['ServerDefault'] = 1; $cfg['ForceSSL'] = true; $cfg['AllowAnywhereRecoding'] = true; $cfg['UseDbSearch'] = false; $cfg['ShowPhpInfo'] = true; $cfg['LeftDisplayServers'] = true; $cfg['DisplayServersList'] = true; ?> THIS WORKS <?php /* * Generated configuration file * Generated by: p...

...IES 1 SHUTDOWNCMD "/sbin/shutdown -h +1" POLLFREQ 10 POLLFREQALERT 10 HOSTSYNC 15 DEADTIME 20 POWERDOWNFLAG /etc/killpower RBWARNTIME 432000 NOCOMMWARNTIME 300 FINALDELAY 4 CERTPATH /etc/letsencrypt/live/REDACTED/ # CERTHOST <hostname> <certificate name> <certverify> <forcessl> # CERTVERIFY 1 # FORCESSL 0 MONITOR 850PRO at localhost 1 admin 1401 master SHUTDOWNCMD "/sbin/shutdown -h now" HOSTSYNC 15 POWERDOWNFLAG /etc/nut/killpower FINALDELAY 5 NOTIFYCMD /sbin/upssched NOTIFYMSG ONBATT "%s is on battery" NOTIFYMSG ONLINE "%s is back online&quo...

Hello All 2015-03-26 9:03 GMT+01:00 Arnaud Quette <arnaud.quette at gmail.com>: > > > What I will do is to move ssl initializing after usering and forking, > than add key file right checking where ssl was initialized before (before > forking). > > As keys should be owned by nut user, this would not be a problem. > > And moving this code, independently of SSL

...YFLAG COMMOK   SYSLOG+WALL > NOTIFYFLAG COMMBAD  SYSLOG+WALL > NOTIFYFLAG SHUTDOWN SYSLOG+WALL > NOTIFYFLAG REPLBATT SYSLOG+WALL > NOTIFYFLAG NOCOMM   SYSLOG+WALL > NOTIFYFLAG NOPARENT SYSLOG+WALL > RBWARNTIME 43200 > NOCOMMWARNTIME 300 > FINALDELAY 60 > CERTVERIFY 0 > FORCESSL 0 > > Another thing worth noting, and probably unrelated to this specific > scenario, is somehow I have a "nut" user and a "nutuser" user.  I don't > know how that happened.  On my Debian setup (details in previous > message), user "nutuser" does...

Hello all. Thx for the log-tip. It was a access right violation on /etc.../letsencrypt/....cert . The folder was own by root:root Had to create a group nutusers including root and my nut users. After that, had to change the chmod for the folder from 755 to 775 Now, running upsc -l Init SSL without certificate database 850PRO Witch is better. But still problématic wuth the init ssl