Looking at your log you posted, and your small configuration snippet, it's incorrect. Your log clearly states,
Jan 14 13:19:05 psychedelic.fi inspircd[3019177]: [*] Unable to read the configuration for m_ssl_gnutls.so: You have not specified any <sslprofile> tags that are usable by this module!Your IP and port binding for the SSL port, commonly 6697, has to have an sslprofile defined to it. Like this,
<bind address="7.8.9.9" port="6697" protocols="tcp" type="clients" sslprofile="client_ssl"> You then have a <connect block with the name of clients and port 6697.You then define an <sslprofile block that includes location to the cert and key, if not defined it defaults to /etc/inspircd/cert.pem and key.pem and they need chown irc:irc. I have a separate sslprofile for server linking specifically with it's own cert and keypair named linked-cert.pem and link-key.pem. That is where the self signed linking cert is at.
Example: <sslprofile name="client_ssl" provider="gnutls"cafile="" # Keep this blank unless you are doing client cert auth against your own CA. crlfile="" # Same thing but this is the revocation list file for your CA. Keep blank unless you are doing cert auth.
hash="sha256"> # Algo used to generate cert fingerprints. <sslprofile name="server_ssl" provider="gnutls" cafile="" crlfile="" certfile="link-cert.pem" keyfile="link-key.pem" hash="sha256">If you need additional help, please reach out to InspIRCd support on IRC and also see the documentation before opening a "serious" bug against the Debian package.
See: https://docs.inspircd.org/4/breaking-changes/ https://docs.inspircd.org/4/modules/ssl_gnutls/ Maintainer, please close this bug. There is no issue here. Regards, Victor Coss
smime.p7s
Description: S/MIME Cryptographic Signature
