
Re: Molly Brown and Yggdrasil

Message headers

From: rtr <rtr@haraya.invalid>

Subject: Re: Molly Brown and Yggdrasil

Date: Thu, 10 Feb 2022 17:13:50 +0800

Message-ID: <87fsor13u9.fsf@haraya.local.net>


Message content


Martin <martin@datapulp.de> writes:


> On 09.02.22 at 01:00, rtr wrote:
>> Hi Martin, I was able to make the capsule work.
> Hi rtr,
>
> I'm not that successful up to now:
>
> I can ping your host via yggdrasil.
> I can ping my vps via yggdrasil.
>
> .. but I can't call your capsule or my capsule, same error:
>
> Loading gemini://[209:dead:1cc2:970:637b:450f:6575:9a24]/~/rtr/...
> ╔═════════════════════ URL Fetch Error ═════════════════════╗
> ║                                                           ║
> ║  Failed to connect to the server: hostname does not       ║
> ║  verify: x509: certificate relies on legacy Common Name   ║
> ║  field, use SANs instead.                                 ║
> ║                                                           ║
> ║                            Ok                             ║
> ║                                                           ║
> ╚═══════════════════════════════════════════════════════════╝
>
> I'm using amfora. I made my certificate this way, would the CN be ok
> in your eyes? How did you do it? Which browser do you use?
>
> openssl req -x509 -newkey rsa:4096 -days 36500 -nodes \
> -keyout yggdrasil.key -out yggdrasil.crt -subj \
> "/CN=201:112e:4d49:1af1:9190:6da8:bf38:aa9d"
>
> But: THIS IS THE WRONG WAY
>
> I successfully created a self signed certificate for localhost, but I
> never managed to call the gemini server just by its IP, always I need
> to call it localhost.
>
> I googled a lot but up to now I did not find a way to work just with IP.
>


Hi Martin,

That's odd. I was able to access my capsule in Yggdrasil through Elpher
and Lagrange. I've just tried Amfora and I can confirm that that error
does show up on my end too.

I've used roughly the same command as you did above. I've set the CN
variable to the IP address of my Yggdrasil machine. If that's the wrong
way then I have no idea at the moment how to properly do it. I've just
looked into SAN but I'll probably need to look at it when I have more
time on my hands.

Also, I don't think setting the HOSTNAME variable to localhost will work
since Molly Brown assumes the variable to be connectable
from the outside. If that would be an issue, probably something like
gmnisrv might be more apt since it seems to not look for a hostname
variable [1].

One solution that I'm thinking of right now is to just get a DNS record for
your Yggdrasil capsule. I believe you can use Alfis to do this
[2]. I haven't messed around with DNS for Yggdrasil yet though so I
don't have any informed opinion about that.


Cheers!


[1] https://sr.ht/~sircmpwn/gmnisrv/


[2] https://github.com/Revertron/Alfis


--

Ang kalayaan ay dili gihatag, ini'y giabot.

--

{gemini,gopher}://kalayaan.xyz


Related

Parent:

Re: Molly Brown and Yggdrasil (by Martin <martin@datapulp.de> on Wed, 9 Feb 2022 21:28:56 +0100)

Start of thread:

Molly Brown and Yggdrasil (by rtr <rtr@haraya.invalid> on Mon, 07 Feb 2022 21:17:35 +0800)
