Hi,
FYI, site and IP masked ....
root@debian:~# gnutls-cli -V --no-ca-verification something.com
Processed 0 CA certificate(s).
Resolving 'something.com'...
Connecting to '1.2.3.4:443'...
*** Non fatal error: A TLS warning alert has been received.
*** Received alert [112]: The server name sent was not recognized
- Certificate type: X.509
- Got a certificate list of 1 certificates.
- Certificate[0] info:
- X.509 Certificate Information:
Version: 3
Serial Number (hex): 00e16f4726677d6dcf83f378c311970b76
Issuer: C=GB,ST=Greater Manchester,L=Salford,O=COMODO CA
Limited,CN=EssentialSSL CA
Validity:
Not Before: Sun Jan 05 00:00:00 UTC 2014
Not After: Mon Jan 05 23:59:59 UTC 2015
Subject: OU=Domain Control Validated,OU=EssentialSSL,CN=
something.com
Subject Public Key Algorithm: RSA
Algorithm Security Level: Medium (2048 bits)
Modulus (bits 2048):
00:ba:f4:9c:45:d8:ef:91:3a:4b:fa:dc:e6:3e:c5:de
47:27:d8:ea:65:cd:7a:d6:bf:41:47:0b:04:fa:f8:d2
70:d7:e7:59:cb:82:6b:f4:7f:9d:5a:a7:b9:34:fe:e9
6e:dc:47:3c:06:a2:96:00:44:e9:6a:b2:7f:89:8d:7d
3d:7a:51:9b:a4:8e:c5:93:93:5c:65:e6:2f:e5:cf:0a
52:73:7d:57:9d:b6:46:3c:ff:ed:3b:07:42:a2:94:0c
ed:cd:a8:e2:08:de:36:36:2f:b3:fc:55:d8:f8:5b:3d
f9:74:26:8b:a8:85:bb:a4:c6:64:97:74:da:ad:a7:6a
3d:18:a3:d6:0f:1a:69:d1:a1:2c:fe:b6:61:45:77:f7
69:dd:ec:81:b1:c2:e1:eb:c2:0d:00:3f:03:1a:18:d6
bb:c1:40:0f:6d:b7:24:f5:e7:c0:ef:95:58:dc:f0:42
bf:12:fa:51:55:fb:a8:11:a4:3b:0b:8c:16:df:9e:9d
ca:36:d0:24:90:15:97:dd:3e:10:4e:ea:09:de:9c:f2
19:54:7c:00:a4:02:10:48:07:91:c0:f7:43:6e:62:8b
f0:73:43:d4:d2:2a:1c:44:aa:8f:f9:fa:42:ad:93:19
b6:7f:8a:22:80:8b:91:b0:c0:60:f2:3e:88:9c:9a:9b
e3
Exponent (bits 24):
01:00:01
Extensions:
Authority Key Identifier (not critical):
dacbeaad5b085dccfffc2654ce49e555c638f4f8
Subject Key Identifier (not critical):
a05967511c994cebbb7edbadf838f51f6e559d29
Key Usage (critical):
Digital signature.
Key encipherment.
Basic Constraints (critical):
Certificate Authority (CA): FALSE
Key Purpose (not critical):
TLS WWW Server.
TLS WWW Client.
1.3.6.1.4.1.311.10.3.3
2.16.840.1.113730.4.1
Certificate Policies (not critical):
1.3.6.1.4.1.6449.1.2.2.7
URI: https://secure.comodo.com/CPS
2.23.140.1.2.1
CRL Distribution points (not critical):
URI: http://crl.comodoca.com/EssentialSSLCA.crl
Authority Information Access (not critical):
Access Method: 1.3.6.1.5.5.7.48.2 (id-ad-caIssuers)
Access Location URI:
http://crt.comodoca.com/EssentialSSLCA_2.crt
Access Method: 1.3.6.1.5.5.7.48.1 (id-ad-ocsp)
Access Location URI: http://ocsp.comodoca.com
Subject Alternative Name (not critical):
DNSname: something.com
DNSname: www.something.com
Signature Algorithm: RSA-SHA1
Signature:
8f:dc:87:15:26:00:02:fd:39:59:c6:97:c5:47:97:8f
a5:d6:bf:71:11:92:d0:cb:4b:51:10:cc:08:31:b5:df
8d:61:a1:7e:56:ef:77:d2:eb:ff:4f:d5:7c:cb:30:73
65:f0:47:e5:68:0e:c7:e3:6d:de:a1:2a:80:7c:dd:f6
e3:85:7e:b8:30:15:eb:c9:56:7d:0d:c5:34:68:9b:6a
9c:a5:30:d1:11:64:f4:1b:70:56:bd:13:ad:92:85:61
8e:e9:6d:eb:27:c9:6b:ad:34:6f:cc:c0:6a:3d:72:68
f2:f2:39:f4:77:b1:96:e6:5d:ea:9d:49:18:cf:51:fc
84:d1:37:5f:15:62:ab:23:47:33:a2:83:04:57:1d:45
94:ba:e3:77:45:6f:df:1d:e9:02:e6:1c:5e:a1:89:44
d3:98:f4:6b:8f:ae:5b:c9:3c:46:dd:b7:0a:98:ff:43
6d:e0:44:3b:8f:a5:48:49:8e:50:85:e1:37:d9:c6:7f
aa:5a:47:eb:31:12:16:7b:24:cd:ea:a6:a4:b0:ee:53
f0:9b:78:0e:f8:bb:50:2c:67:c8:d7:21:21:bb:2b:0e
be:92:d0:d1:9d:57:95:da:ec:f0:83:fb:6e:e6:0d:48
6e:61:6a:a5:72:e5:04:20:7f:bb:03:bb:6d:25:72:1d
Other Information:
SHA1 fingerprint:
<masked>
SHA256 fingerprint:
713de0aa0905319f63031295bddabf96b5d110fb2088957291373a3430b12e52
Public Key ID:
90920812ac10b011de87c7457c812b379a8c4476
Public key's random art:
+--[ RSA 2048]----+
|@+ oo... |
|+=.+oE.+ . |
|+.+o++o o |
|. .oo = |
| . o = S |
| . + |
| |
| |
| |
+-----------------+
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIRAOFvRyZnfW3Pg/N4wxGXC3YwDQYJKoZIhvcNAQEFBQAw
cjELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxGDAWBgNV
BAMTD0Vzc2VudGlhbFNTTCBDQTAeFw0xNDAxMDUwMDAwMDBaFw0xNTAxMDUyMzU5
NTlaMFIxITAfBgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDEVMBMGA1UE
CxMMRXNzZW50aWFsU1NMMRYwFAYDVQQDEw1ubWF0cml4LmNvLnphMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvScRdjvkTpL+tzmPsXeRyfY6mXNeta/
QUcLBPr40nDX51nLgmv0f51ap7k0/ulu3Ec8BqKWAETparJ/iY19PXpRm6SOxZOT
XGXmL+XPClJzfVedtkY8/+07B0KilAztzajiCN42Ni+z/FXY+Fs9+XQmi6iFu6TG
ZJd02q2naj0Yo9YPGmnRoSz+tmFFd/dp3eyBscLh68INAD8DGhjWu8FAD223JPXn
wO+VWNzwQr8S+lFV+6gRpDsLjBbfnp3KNtAkkBWX3T4QTuoJ3pzyGVR8AKQCEEgH
kcD3Q25ii/BzQ9TSKhxEqo/5+kKtkxm2f4oigIuRsMBg8j6InJqb4wIDAQABo4IB
wzCCAb8wHwYDVR0jBBgwFoAU2svqrVsIXcz//CZUzknlVcY49PgwHQYDVR0OBBYE
FKBZZ1EcmUzru37brfg49R9uVZ0pMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
AjAAMDQGA1UdJQQtMCsGCCsGAQUFBwMBBggrBgEFBQcDAgYKKwYBBAGCNwoDAwYJ
YIZIAYb4QgQBME8GA1UdIARIMEYwOgYLKwYBBAGyMQECAgcwKzApBggrBgEFBQcC
ARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwCAYGZ4EMAQIBMDsGA1Ud
HwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0Vzc2VudGlhbFNT
TENBLmNybDBuBggrBgEFBQcBAQRiMGAwOAYIKwYBBQUHMAKGLGh0dHA6Ly9jcnQu
Y29tb2RvY2EuY29tL0Vzc2VudGlhbFNTTENBXzIuY3J0MCQGCCsGAQUFBzABhhho
dHRwOi8vb2NzcC5jb21vZG9jYS5jb20wKwYDVR0RBCQwIoINbm1hdHJpeC5jby56
YYIRd3d3Lm5tYXRyaXguY28uemEwDQYJKoZIhvcNAQEFBQADggEBAI/chxUmAAL9
OVnGl8VHl4+l1r9xEZLQy0tREMwIMbXfjWGhflbvd9Lr/0/VfMswc2XwR+VoDsfj
bd6hKoB83fbjhX64MBXryVZ9DcU0aJtqnKUw0RFk9BtwVr0TrZKFYY7pbesnyWut
NG/MwGo9cmjy8jn0d7GW5l3qnUkYz1H8hNE3XxViqyNHM6KDBFcdRZS643dFb98d
6QLmHF6hiUTTmPRrj65byTxG3bcKmP9DbeBEO4+lSEmOUIXhN9nGf6paR+sxEhZ7
JM3qpqSw7lPwm3gO+LtQLGfI1yEhuysOvpLQ0Z1Xldrs8IP7buYNSG5haqVy5QQg
f7sDu20lch0=
-----END CERTIFICATE-----
- Description: (TLS1.2)-(RSA)-(AES-128-GCM)
- Session ID:
2B:58:9A:ED:BF:A2:2C:E1:2E:E6:77:A7:1E:1D:0B:73:C9:13:CA:5E:23:25:94:94:B9:CC:DE:B2:D3:FB:8B:DF
- Version: TLS1.2
- Key Exchange: RSA
- Cipher: AES-128-GCM
- MAC: AEAD
- Compression: NULL
- Channel binding 'tls-unique': 1a74c4f293e3050bc399c049
- Handshake was completed
- Simple Client Mode:
- Sent: 1 bytes
- Peer has closed the GnuTLS connection
root@debian:~#
1)
I'm not sure, the DL never starts, but I can't be sure if its the NZB
grabbing, or the
actualt data DL that fails, there's no other error in the log, but the TSL
error.
The news source (tweaknews) runs unencrypted, while the NZB source's HTTPS,
so I would assume it's the NZB grabbing that fails.
2)
MainDir=/mnt/nzb
DestDir=${MainDir}/done
InterDir=${MainDir}/tmp
NzbDir=${MainDir}/drop
QueueDir=${MainDir}/queue
TempDir=${MainDir}/tmp
WebDir=/usr/share/nzbget/webui
ScriptDir=${MainDir}/scripts
LockFile=/var/run/nzbget.lock
LogFile=${MainDir}/nzbget.log
ConfigTemplate=/usr/share/nzbget/webui/nzbget.conf
Server1.Active=yes
Server1.Name=Tweaknews
Server1.Level=0
Server1.Group=0
Server1.Host=news.tweaknews.eu
Server1.Port=119
Server1.Username=anna
Server1.Password=verysecret
Server1.JoinGroup=no
Server1.Encryption=no
Server1.Cipher=
Server1.Connections=10
ControlIP=0.0.0.0
ControlPort=8080
ControlUsername=nzbget
ControlPassword=verysecret
SecureControl=no
SecurePort=1234
SecureCert=
SecureKey=
AuthorizedIP=
DaemonUsername=anna
UMask=1000
Category1.Name=Movies
Category1.DestDir=
Category1.Unpack=yes
Category1.PostScript=
Category1.Aliases=
Category2.Name=Series
Category3.Name=Music
Category4.Name=Software
AppendCategoryDir=no
NzbDirInterval=5
NzbDirFileAge=60
DupeCheck=yes
SaveQueue=yes
ReloadQueue=yes
ContinuePartial=yes
Decode=yes
DirectWrite=yes
CrcCheck=yes
Retries=3
RetryInterval=10
ConnectionTimeout=60
TerminateTimeout=600
DownloadRate=0
AccurateRate=no
WriteBufferSize=0
DiskSpace=250
DeleteCleanupDisk=yes
NzbCleanupDisk=yes
KeepHistory=30
FeedHistory=7
UrlConnections=4
UrlForce=yes
CreateLog=yes
ResetLog=no
ErrorTarget=log
WarningTarget=log
InfoTarget=log
DetailTarget=log
DebugTarget=log
LogBufferSize=1000
CreateBrokenLog=no
DumpCore=no
TimeCorrection=0
OutputMode=curses
CursesNzbName=yes
CursesGroup=no
CursesTime=no
UpdateInterval=200
ParCheck=auto
ParRepair=yes
ParScan=auto
ParRename=yes
HealthCheck=delete
ParTimeLimit=0
ParPauseQueue=yes
ParCleanupQueue=yes
ExtCleanupDisk=.par2, .sfv, _brokenlog.txt
Unpack=yes
UnpackPauseQueue=yes
UnpackCleanupDisk=yes
UnrarCmd=unrar
SevenZipCmd=7zr
PostScript=
ScriptOrder=
ScriptPauseQueue=yes
