mbrubeck / agate

Very simple server for the Gemini hypertext protocol
Apache License 2.0

Unrecognized option key and cert #338

Closed jazzi closed 7 months ago

jazzi commented 7 months ago

Hi,

I run the following command and get the errors: Unrecognized option: 'key' and Unrecognized option: 'cert'

#!/bin/bash

/srv/www/gemini/bin/agate \
    --content /srv/www/gemini/public/ \
    --key /srv/www/gemini/certs/key.rsa \
    --cert /srv/www/gemini/certs/cert.pem \
    --addr 89.208.252.170:1965 \
    --hostname teagaga.com \
    --lang en-US

I run the following command to create the certificate:

openssl req -x509 -newkey rsa:4096 -keyout /srv/www/gemini/certs/key.rsa -out /srv/www/gemini/certs/cert.pem -days 3650 -nodes -subj "/CN=teagaga.com"

I would appreciate it if anyone could point out what's going on. Thank you.

jazzi commented 7 months ago

Problem resolved. Agate will generate the keys automatically. Just remove the two options for key and cert, then everything goes fine.

If the --hostname argument is used, Agate will generate keys and self-signed certificates for each hostname specified.

Check the agate instructions here

mbrubeck commented 7 months ago

Agate's key/certificate format and related command-line options changed in version 3.0. It’s no longer necessary to generate certificates yourself or pass their location on the command line, since Agate will generate them automatically. See the current README for more details.

If you do want to use a certificate you generated yourself, it should now be in DER format. You can convert an existing certificate from PEM to DER using openssl, for example:

openssl x509 -in cert.pem -outform DER -out cert.der

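The reply above says a self-generated certificate should now be in DER format. The following is an added example, not code from this thread or from the Agate project: a check that tells a PEM file from a DER file by its encoding, whatever the file is named, and converts PEM to DER. The function names and the sample data are assumptions made for illustration, and only the outer encoding is checked, not the certificate contents.

```python
import ssl

PEM_HEADER = b"-----BEGIN CERTIFICATE-----"


def der_total_length(data: bytes):
    """Return the byte length of the outer DER SEQUENCE, or None if malformed."""
    if len(data) < 2 or data[0] != 0x30:   # 0x30 = constructed SEQUENCE tag
        return None
    first = data[1]
    if first < 0x80:                       # short form: one length byte
        return 2 + first
    n = first & 0x7F                       # long form: next n bytes hold the length
    if n == 0 or n > 4 or len(data) < 2 + n:
        return None
    return 2 + n + int.from_bytes(data[2:2 + n], "big")


def classify(data: bytes) -> str:
    """Classify certificate bytes as 'pem', 'der' or 'unknown'."""
    if data.lstrip().startswith(PEM_HEADER):
        return "pem"
    if der_total_length(data) == len(data):
        return "der"
    return "unknown"


def ensure_der(data: bytes) -> bytes:
    """Return DER bytes, converting from PEM when needed; raise otherwise."""
    kind = classify(data)
    if kind == "pem":
        der = ssl.PEM_cert_to_DER_cert(data.decode("ascii").strip())
        if classify(der) != "der":
            raise ValueError("PEM body does not decode to a DER SEQUENCE")
        return der
    if kind == "der":
        return data
    raise ValueError("not a PEM or DER certificate")


# Constructed sample: a DER SEQUENCE header followed by 300 filler bytes.
# It has the outer framing of a certificate but is NOT a real certificate.
SAMPLE_DER = b"\x30\x82\x01\x2c" + bytes(300)
SAMPLE_PEM = ssl.DER_cert_to_PEM_cert(SAMPLE_DER).encode("ascii")

if __name__ == "__main__":
    for name, blob in (("cert.pem", SAMPLE_PEM), ("cert.der", SAMPLE_DER)):
        print(name, classify(blob), len(ensure_der(blob)))
```
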
jazzi commented 7 months ago

Thanks @mbrubeck for the clarification and the README link, these do help a lot.

However, I encountered another problem, a write-permission problem with the .certificates directory, when trying to enable agate.service with systemctl, and finally found the solution here. For the record, what needs to be done is to specify the location in [Service] as below:

[Unit]
Description=Agate Gemini Server
After=network.target

[Service]
Type=simple
User=g000
Group=g000
WorkingDirectory=/srv/www/gemini
ExecStart=/srv/www/gemini/scripts/start

[Install]
WantedBy=default.target

Anyway, it's up and running now. [The first Gemini tea space](gemini://teahacker.com)