Friday, November 28, 2008

Howto: BOPM via SSL


This short HOWTO will explain how to setup Blitzed Open Proxy Monitor to connect to an IRC Server via SSL. I expect that you have basic knowledge of Linux/Unix, and already know how to configure/compile, and setup the BOPM as normal.



tools you will need:



• stunnel
• Blitzed Open Proxy Monitor
• An SSL-Capable ircd such as ircd-ratbox



I will assume you already have your SSL-Capable IRCD up and running correctly. I will also assume you have your BOPM up and running correctly. All we are going to do is SSLify it.

Stunnel Setup


• Create a certificate for yourself. You can do this with the following command:
openssl req -new -newkey rsa:1024 -days 365 \
-nodes -x509 -keyout `uname -n`.pem \
-out `uname -n`.pem


• Move or copy the created file, which will be named YOUR_MACHINE_NAME.pem to ~/.YOUR_MACHINE_NAME.pem.
(obviously, YOUR_MACHINE_NAME will be the actual name of your server, such as "leetbox" or something).

• Copy the following text into ~/.stunnel.conf and edit the ip addresses and ports to suit your needs.
cert = /home/YOUR_USERNAME/.YOUR_MACHINE_NAME.pem

[bopm]
; adjust the port number if necessary
accept = 127.0.0.1:8500

; local is the "vhost" stunnel will use to connect to your irc server.
; If you don't use a vhost, leave it commented out.
;local = 0.0.0.0

; connect is the irc server's ip address and port that we are connecting to
connect = 0.0.0.0:6697
client = yes


• Save and close ~/.stunnel.conf. then run:
stunnel ~/.stunnel.conf


• You can test that stunnel is working correctly by connecting to it with telnet.
telnet 127.0.0.1 8500


• If you see the server connect notices, you are in business, otherwise you made a mistake somewhere.

BOPM Setup


• Edit bopm.conf and adjust it's settings as follows:
server = 127.0.0.1
port = 8500



• Save and restart your bopm.
• Your BOPM should now be connected to IRC via SSL.
Post a Comment