๐พ Archived View for bbs.geminispace.org โบ s โบ misfin โบ 5592 captured on 2023-09-28 at 15:56:04. Gemini links have been rewritten to link to archived content
โก๏ธ Next capture (2023-11-04)
-=-=-=-=-=-=-
I think I may have fixed my server. Can someone try sending to clseibold@auragem.letz.dev? That would be very much appreciated. Thanks!
Also, you can find more info about my situation below:
Edit: As I was typing this, I already got a message! It works!
bbs.geminispace.org/u/clseibold/5591
2023-09-26 ยท 2 days ago ยท ๐ gemalaya
Just sent a "Misfin test", it worked.
@gemalaya Cool! Thanks for testing! I got your mail but I'm not able to respond (perhaps you haven't setup the server yet, idk). You're using localhost as your hostname. While that is the bind address, it is also setting your certificate hostname to localhost, and so nobody can respond. The python script conflates the SubjAltName with the bind address. In the cert, the DNS should be your public DNS address, whereas the bind address, imo, should be "0.0.0.0", or you need to set it to the IP Address you want to receive data from. So setting the bind to localhost means you can only receive from localhost (which is the problem I had before when I set my domain to resolve to 127.0.0.1).
If I set my domain to resolve to my public ip address, the bind will work, and the cert will work, but I then won't be able to access my own gemini server, because I can't actually use my public ip to access my servers on my own network. This is why you cannot assume the bind is the same as the cert SubjAltName, or assume that the domain name always resolves to the public ip address.
I think the server script could use an option to set the bind hostname independently of the other parameters, so you could use -bind 192.168.1.2 for your internel address