FabulaTech Forum - Linux server SSL configuration

Apr 16^th, 2024, 12:14pm

Welcome, Guest. Please Login or Register.

FabulaTech Forum
USB Solutions
USB over Network (Moderators: Andrew, Tim_GaliullinFT, Sergey_Jarovski)
Linux server SSL configuration

« Previous topic | Next topic »

Pages: 1

Notify of replies

Author

Topic: Linux server SSL configuration (Read 3619 times)

gbr
FabulaTech Forum Newbie

Posts: 10

Linux server SSL configuration
« on: Aug 30^th, 2018, 8:58am »

Quote

Modify

Hi,

I am willing to make TLS active between windows client and linux server.
Did not find information on how to configure certificate on linux server side.
Could you provide detailed procedure?
Thanks and Regards
Gilles

IP Logged

Sergey_Jarovski
FabulaTech Forum Moderator
FabulaTech Forum God

Gender:

Posts: 556

Re: Linux server SSL configuration
« Reply #1 on: Aug 30^th, 2018, 10:11am »

Quote

Modify

Hi,

Please run daemon with -h key (sudo ./ftusbnetd -h) and look at -s option.

IP Logged

Sergey Jarovski

FabulaTech
===================
http://www.fabulatech.com

gbr
FabulaTech Forum Newbie

Posts: 10

Re: Linux server SSL configuration
« Reply #2 on: Sep 10^th, 2018, 10:48am »

Quote

Modify

Hi,
Ok so I tried with my linux server :
./ftusbnetd -s server.rsa.crt

Then, I configure my WINDOWS client with options :
Require SSL connection : selected
Use trusted authorithy certificate : NOT CHECK, I used SELF SIGNED certificate

Connection status : error Enable SSL

how can I configure properly : I guess I shoud set the server.rsa.crt on client configuration ?
but still not working

Thanks for your feedback

IP Logged

Sergey_Jarovski
FabulaTech Forum Moderator
FabulaTech Forum God

Gender:

Posts: 556

Re: Linux server SSL configuration
« Reply #3 on: Sep 11^th, 2018, 10:43am »

Quote

Modify

Hi again,

You must enable both ("Use trusted authority certificate" and "Use client authentication certificate") options in USB over Network (client) GUI:
https://www.fabulatech.com/usb-over-network-client-help/client-settings-ssl.html
and specify your trusted and client certificates

IP Logged

Sergey Jarovski

FabulaTech
===================
http://www.fabulatech.com

gbr
FabulaTech Forum Newbie

Posts: 10

Re: Linux server SSL configuration
« Reply #4 on: Sep 11^th, 2018, 3:54pm »

Quote

Modify

Thanks,

but I am not sure to get the point:

from the client point of view, client should authenticate the server (then SSL ciphering would be handshaked)

So I understand client configuration needs server certificate as an hard-coded acknowledgment
=> I have generate rsa.crt and key on server side with linux openssl command, OK.

but, why do I need client certificate , and where does it come from ?

thanks for your help

IP Logged

gbr
FabulaTech Forum Newbie

Posts: 10

Re: Linux server SSL configuration
« Reply #5 on: Sep 24^th, 2018, 1:22pm »

Quote

Modify

Hi again,
On server side :

D: 1537791656: net_init_cb: enabling SSL
W: 1537791656: SSLv23_server_method: no such function
E: 1537791656: fdchan_io_ssl_server_create: error:140A90C4:SSL routines:func(169):reason(196)
E: 1537791656: net_init_cb: failed to create SSL server object
D: 1537791656: net_close: closing channel, fd=18

Hope it can help, I continue investigation

IP Logged

gbr
FabulaTech Forum Newbie

Posts: 10

Re: Linux server SSL configuration
« Reply #6 on: Sep 24^th, 2018, 1:26pm »

Quote

Modify

Quite sure : SSLV2/3 no more supported due to vulnerability, so linux SSL layer reject CLIENT hello

What can you do about it, e.g CLIENT shall sue TLS instead

Thanks

IP Logged

gbr
FabulaTech Forum Newbie

Posts: 10

Re: Linux server SSL configuration
« Reply #7 on: Mar 11^th, 2019, 1:49pm »

Quote

Modify

Hi support Team,

reagrding this issue , did you mae a correction in the usb over network software ?

Thanks for your fedback

with best regards

GB.

IP Logged

Pages: 1

Notify of replies


« Previous topic \| Next topic »