![]() ![]() ![]() Issuer Let's Encrypt Authority X3 (Let's Encrypt from US) Start 11:06:50 -> x.x.x.x:5222 (xxx.de) = 30 days ( xx:xx -> xx:xx)Ĭertificate Transparency yes (certificate extension) run testssl.sh with the following result:.tested with Gajim client on desktop PC and it works fine (ejabberd config is ok).Rror" - "WOCKY_CONNECTOR_ERROR_TLS_SESSION_FAILED (#7): TLS handshake error: -9: GNUTLS_E_UNEXPECTED_PACKET_LENGTH" Connection/gabble/jabber/heiko_40xxxx_2exxx_2ede_2fJolla" failed with ".NetworkE Oct 19 10:12:25 Sailfish : unknown:0 - tp-qt 0.9.8 WARN: Building connection "/org/freedesktop/Telepathy " : "WOCKY_CONNECTOR_ERROR_TLS_SESSION_FAILED (#7): TLS handshake error: -9: GNUT Oct 19 10:12:25 Sailfish : unknown:0 - tp-qt 0.9.8 WARN: Nested PendingReady for true failed with "org.f Oct 19 10:12:24 Sailfish dbus-daemon: dbus-daemon: Successfully activated serv 08:56:00.533693+00:00 (tls|) Failed to secure c2s connection: TLS failed: SSL_do_handshake failed: error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher Create ejabberd container and add Let’s encrypt certs.# When using let's encrypt to generate certificates Generated Let’s encrypt certificate and configured ejabberd.yml.Pulled latest ejabberd image form dockerhub.It looks like GNU_TLS has trouble negotiating the STARTTLS handshake. I recently upgraded my legacy ejabberd service and found out that native XMPP client is no longer able to connect to current ejabberd 20.01 pulled from dockerhub (docker pull ejabberd/ecs) using Let’s encrypt certificate. REGRESSION: (compared to previous public release: Yes, No, ?): No DESCRIPTION: I can also see that the only Common Name listed is the hostname of the Pi.BUILD ID = OS VERSION (Settings > About product): 3.4.0.24 I know the certificate I’m using was generated on install, before I input my FQDN into the Freedombox Settings. My understanding of SSL needs improvement. It felt like a port / firewall type of issue but I’m starting to think it’s SSL. I can confirm that the hosts: section of ejabberd.yml shows, as expected. In case that affected anything… here is the LDAP config which FBX generated in /etc/ejabberd/ejabberd.yml: *LDAP: I forgot to add DEBIAN_FRONTEND=noninteractive during setup, and just accepted the defaults.*Diagnostics: eJabberd passes all checks, though LetsEncrypt states it can not access URL.*Firewall: This problem still occurs if I disable the firewall on my client system.*Port forwarding: DMZ (however, during FBX setup I claimed I would use NAT tables.How did you install FreedomBox?: apt install freedombox on a fresh install of Debian Bookworm.I get an error with the following message:Ĭonnection failed. I expected to be able to communicate with the server using a desktop client. ![]() I try to login as using clients such as dino-im and gajim, but they’re not able to get through.This was achieved through the domain name, not the IP address. I was able to login as an admin, and as as a less privileged user with JSXC in a web-based environment.I installed Coturn and Ejabberd, opting not to complete Let’s Encrypt as I do prefer to self-sign.I added an A record for which points to my Static IP address and waited for DNS propagation to complete.I set domain name to in Settings → Configure.I can’t tell if this is firewall-related or SSL-related (see bottom.) I am unable to connect desktop clients to eJabberd - only JSXC is working. ![]()
0 Comments
Leave a Reply. |