TZUTC: -0800
MSGID: 58801.sync_sys@1:103/705 2d735aae
REPLY: 58800.sync_sys@1:103/705 2d731b17
PID: Synchronet 3.21a-Linux master/d39e01091 Nov 03 2025 GCC 12.2.0
TID: SBBSecho 3.31-Linux master/d39e01091 Nov 03 2025 GCC 12.2.0
COLS: 80
BBSID: VERT
CHRS: CP437 2
FORMAT: flowed
NOTE: FSEditor.js v1.105
  Re: How do  I install an Lets Encrypt Certificate.
  By: Mojo to DOVE-Net.Synchronet_Sysops on Thu Nov 06 2025 11:50 am

 > Hi all,
 >
 > I am trying to install a lets encrypt certificate generated via certbot
 > that comes with debian/ubuntu.
 >
 > It gives me the following files
 > cert.pem
 > chain.pem
 > fullchain.pem (a combination of the previous two it looks like)
 > privkey.pam
 >
 > I disabled the generate self-signed key in scfg.  But I left both
 > cryptlib.key and ssl.cert in place.
 >
 > Things that i have tried.
 > 1.
 > jsexec certtool --import ./fullchain.pem
 > result: "!JavaScript  /home/synchronet/sbbs/exec/certtool.js line 70:
 > Error: CryptLib error -43"

cryptlib.h:#define CRYPT_ERROR_NOTFOUND ( -43 ) /* Requested item not found in
object */

I'd try that again with a different/bogus path to the pem file to see if the
error changes (i.e. it's complaining about an object *within* the file instead
of the file itself).

 > The fullchain.pem looks the same as the example here
 > https://wiki.synchro.net/module:certtool

That's promising.

 > 2.
 > I tried adding the folloing to the bottom of the [Mail] section in
 > sbbs.ini:
 >      Secure = true
 >      CertificateFile = ./ssl_certs/fullchain.pem
 >      KeyFile = ./cryptlib.key

Those keys don't seem to be supported or documented anywhere. How'd you come
up with that?

 > result: cannot connenct to port 995

That just suggests that your TCP port 995 isn't open or sbbs isn't listening
on it. The [mail] Options TLS_POP3 option must be included (which is by
default) and the TLSPOP3Port option must be set to 995 (also the default) and
your sbbs log output (e.g. syslog) would tell if if it's in fact listening on
that port or not. This is completely unrelated to any certificate or key file.
-- 
                                            digital man (rob)

Synchronet "Real Fact" #129:
Vertrauen first started running Synchronet (switched from WWIV) in July of 1991
Norco, CA WX: 68.4øF, 65.0% humidity, 4 mph W wind, 0.00 inches rain/24hrs
--- SBBSecho 3.31-Linux
 * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
SEEN-BY: 10/0 1 102/401 103/1 13 17 705 105/81 106/201 124/5016 128/187
SEEN-BY: 129/14 153/7715 154/110 214/22 218/0 1 215 601 610 700 840
SEEN-BY: 218/860 880 226/30 227/114 229/110 112 206 317 400 426 428
SEEN-BY: 229/470 700 705 266/512 280/464 291/111 301/1 320/219 322/757
SEEN-BY: 342/200 396/45 460/58 633/280 712/848 902/26 5075/35
PATH: 103/705 218/700 229/426