Transport-XMPP failing to start
-
I don't have an easy way to test it, please check out this PR and let me know: https://github.com/vatesfr/xen-orchestra/pull/7082
closed fix(xo-server-transport-xmpp): fix loading #7082
-
@julien-f said in Transport-XMPP failing to start:
I don't have an easy way to test it,
Me either, but this update appears to at least resolve the issue of
Cannot read properties of undefined (reading 'socket')when starting xo-server. -
@techiem2 Do you have the ability to test?
-
@julien-f If you can give me instructions on how to update the plugin with the updated version, i'll give it a shot!
-
@techiem2 Sorry, I missed your message.
Are you using an official XOA or XO built from the sources?
-
@julien-f
From Source using ronivay's script:
https://github.com/ronivay/XenOrchestraInstallerUpdater -
@techiem2 In this case, I cannot tell you how to update a specific plugin or use a specific branch, you can ask for the script maintainer's help or I'll merge the PR without further tests
-
The fix has been merged in
master, let me know if there are more issues. -
@julien-f
Sorry, been a bit busy.
I'll update this weekend and see if the new version pulls in.
Thanks! -
@julien-f
Ok, so it doesn't fail with the socket error, but now it's saying unable to verify the first certificate:
Not sure if this is a plugin issue or something on my end, but normal clients connect fine.
I'm using Prosody with a Letsencrypt cert.plugin.load { "id": "transport-xmpp" } { "code": "UNABLE_TO_VERIFY_LEAF_SIGNATURE", "message": "unable to verify the first certificate", "name": "Error", "stack": "Error: unable to verify the first certificate at TLSSocket.onConnectSecure (node:_tls_wrap:1550:34) at TLSSocket.emit (node:events:514:28) at TLSSocket.patchedEmit [as emit] (/opt/xo/xo-builds/xen-orchestra-202310280240/@xen-orchestra/log/configure.js:52:17) at TLSSocket._finishInit (node:_tls_wrap:967:8) at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:743:12) at TLSWrap.callbackTrampoline (node:internal/async_hooks:130:17)" } -
@techiem2 Are you sure your server's certificate is correctly configured?
Is it self-signed?
-
@julien-f As far as I can tell. It's a standard Let's Encrypt cert and it works with normal clients.
-
@techiem2 If you can provide me access to your server and your configuration, I might be able to investigate and maybe come up with a fix.
-
@julien-f Thanks!
Just got you setup and DM'd.
Let me know if you need anything else to poke around on. -
If other people get the
UNABLE_TO_VERIFY_LEAF_SIGNATUREerror, check that your XMPP server provides the correct certificate chain.You can use OpenSSL for this:
$ openssl s_client -connect $domain:$port -starttls xmpp -showcerts </dev/null CONNECTED(00000003) depth=0 CN = $domain verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 CN = $domain verify error:num=21:unable to verify the first certificate verify return:1 depth=0 CN = $domain verify return:1 -
O olivierlambert marked this topic as a question on
-
O olivierlambert has marked this topic as solved on
