Hello, I'm testing the establishment of a remote TLS connection using self-signed certificates generated locally. The netopeer2 version is 2.2.28.
But when I try to connect, the netopeer2-cli reports an error:
> connect --tls --host 172.16.26.221 --cert client.crt --key client.key --trusted ca.pem
nc ERROR: SSL connect to "172.16.26.221" failed (Connection reset by peer).
cmd_connect: Connecting to the 172.16.26.221:6513 failed.
And the server outputs:
[INF]: LN: Accepted a connection on 0.0.0.0:6513 from 172.16.28.168:34472.
The netopeer2 client's IP is 172.16.28.168, netopeer2-server's IP is 172.16.26.221.
Here are the steps I took to generate certificates:
1. certificate of CA
openssl genrsa -out ca.key 2048
openssl req -x509 -new -nodes -key ca.key -sha256 -days 1024 -out ca.pem
2. certificate of server
openssl genrsa -out server.key 2048
openssl req -new -key server.key -out server.csr (I set the Common Name to 172.16.26.221 here)
openssl x509 -req -in server.csr -CA ca.pem -CAkey ca.key -CAcreateserial -out server.crt -days 500 -sha256
3. certificate of client
openssl genrsa -out client.key 2048
openssl req -new -key client.key -out client.csr (I set the Common Name to 172.16.28.168 here)
openssl x509 -req -in client.csr -CA ca.pem -CAkey ca.key -CAcreateserial -out client.crt -days 500 -sha256
4. prepare XMLs and load them into sysrepo, and start netopeer2-server
sysrepocfg --edit=tls_keystore.xml
sysrepocfg --edit=tls_truststore.xml
sysrepocfg --edit=tls_listen.xml
netopeer2-server -d -v2
5. at client side, start netopeer2-cli and connect
netopeer2-cli
> connect --tls --host 172.16.26.221 --cert client.crt --key client.key --trusted ca.pem
nc ERROR: SSL connect to "172.16.26.221" failed (Connection reset by peer).
cmd_connect: Connecting to the 172.16.26.221:6513 failed.
I can successfully establish a NETCONF connection using SSH between client and server, and also local TLS with the certificates in example_configurations provided in the netopeer2 source code.
Here are all the certificates and XMLs I use:
tls_certs.zip
My host environment is Ubuntu 22.04.
The openssl version is OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022)
Can you have a look? Thank you very much.
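The checks below are an added example, not part of the original post or of netopeer2: they confirm that the server.crt and client.crt from steps 2 and 3 verify against ca.pem and that each private key matches its certificate, which separates problems in the certificate material from problems in the sysrepo configuration. File names follow the post; the function names and the "Demo CA" subject are assumptions made for the example.

```shell
#!/usr/bin/env bash
# Added example: pre-flight checks on the files produced in steps 1-3.
# Nothing here talks to sysrepo or netopeer2.

# True when the certificate verifies against the CA file.
chain_ok() {            # usage: chain_ok ca.pem leaf.crt
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# True when the private key and the certificate carry the same public key.
key_matches_cert() (    # usage: key_matches_cert leaf.key leaf.crt
    k=$(openssl pkey -in "$1" -pubout 2>/dev/null) || exit 1
    c=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || exit 1
    [ -n "$k" ] && [ "$k" = "$c" ]
)

# Check server and client material in DIR; non-zero status if anything fails.
preflight() (           # usage: preflight DIR
    cd "$1" || exit 1
    rc=0
    for n in server client; do
        chain_ok ca.pem "$n.crt" || { echo "$n.crt: does not verify against ca.pem"; rc=1; }
        key_matches_cert "$n.key" "$n.crt" || { echo "$n.key: does not match $n.crt"; rc=1; }
        openssl x509 -in "$n.crt" -noout -subject -issuer -enddate 2>/dev/null
    done
    exit "$rc"
)

# Constructed sample input: the post's steps 1-3, made non-interactive with -subj.
make_demo_pki() (       # usage: make_demo_pki DIR
    cd "$1" || exit 1
    exec >/dev/null 2>&1
    openssl genrsa -out ca.key 2048 || exit 1
    openssl req -x509 -new -nodes -key ca.key -sha256 -days 1024 \
        -subj "/CN=Demo CA" -out ca.pem || exit 1
    for pair in server:172.16.26.221 client:172.16.28.168; do
        n=${pair%%:*} cn=${pair#*:}
        openssl genrsa -out "$n.key" 2048 &&
        openssl req -new -key "$n.key" -subj "/CN=$cn" -out "$n.csr" &&
        openssl x509 -req -in "$n.csr" -CA ca.pem -CAkey ca.key -CAcreateserial \
            -out "$n.crt" -days 500 -sha256 || exit 1
    done
)

# Stand-alone use: ./preflight.sh DIR
if [ -n "${1:-}" ]; then preflight "$1"; fi
```

Run it with the directory that holds ca.pem, server.crt/.key and client.crt/.key as the only argument; a zero exit status means the chain and key pairing are consistent.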