John Peacock wrote:
Chris Lewis wrote:
I note that plugins/tls_cert clobbers the machine's name on Solaris.
It issues `hostname --fqdn` in an attempt to find the machine's full
name, and on Solaris, that's treated as setting the hostname to
"--fqdn". Ouch.
Sorry, that's my fault (but in my defense, you shouldn't be running that
script as root in any case).
True enough.
I'm sure that there is a
platform-independent way to get the hostname, but for the moment you can
just call the script (not as root) with
./plugins/tls_cert --CN your.host.name
[Aside from the error hostname will throw.]
and the cert will still be created (or you can pass in all of the other
options as well, if you care what your cert looks like). I'll look to
protect that `hostname` call...
Any idea why I'd be getting these:
_convert_to_ssl failed (Could not create SSL socket: Socket operation on
non-socket at ./plugins/tls line 158
[At end of _convert_to_ssl(), I'm logging $@ if it's non-null]
It may be that tls plugin's "init" method is NOT being called. The
$self->log() record referencing ciphers from init() doesn't appear in
the logs.
