💾 Archived View for bbs.geminispace.org › u › gemalaya › 5596 captured on 2023-11-14 at 10:02:57. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-11-04)
-=-=-=-=-=-=-
Re: " bbs.geminispace.org/u/clseibold/5591 I think I may have..."
Just sent a "Misfin test", it worked.
Sep 26 · 7 weeks ago
🚀 clseibold · Sep 26 at 19:26:
@gemalaya Cool! Thanks for testing! I got your mail but I'm not able to respond (perhaps you haven't setup the server yet, idk). You're using localhost as your hostname. While that is the bind address, it is also setting your certificate hostname to localhost, and so nobody can respond. The python script conflates the SubjAltName with the bind address. In the cert, the DNS should be your public DNS address, whereas the bind address, imo, should be "0.0.0.0", or you need to set it to the IP Address you want to receive data from. So setting the bind to localhost means you can only receive from localhost (which is the problem I had before when I set my domain to resolve to 127.0.0.1).
If I set my domain to resolve to my public ip address, the bind will work, and the cert will work, but I then won't be able to access my own gemini server, because I can't actually use my public ip to access my servers on my own network. This is why you cannot assume the bind is the same as the cert SubjAltName, or assume that the domain name always resolves to the public ip address.
I think the server script could use an option to set the bind hostname independently of the other parameters, so you could use -bind 192.168.1.2 for your internel address
jsut tried sending a message thru gemalaya and it appears to have worked?
🚀 clseibold · Oct 02 at 02:25:
@johano Yes, it worked, but you sent the message 4 different times very quickly. I'm not sure if that's a bug in the client you are using or something else, just wanted to make sure you're aware.
🚀 clseibold · Oct 02 at 02:27:
@johano Also, currently my server lets messages from users that don't have a misfin server running through, but in the future you will be required to have a certificate from a running misfin server in order to send to my misfin server. This is to help prevent spam.
I accept messages without full verification currently because I know that some people don't have the means to run a server, and there are currently no/few hosting providers for misfin.
hmm, not sure what happened there, could be unfamiliarity with gemalaya or just fat fingers :)
— bbs.geminispace.org/u/clseibold/5591
I think I may have fixed my server. Can someone try sending to clseibold@auragem.letz.dev? That would be very much appreciated. Thanks! Also, you can find more info about my situation below: Edit: As I was typing this, I already got a message! It works!