XCP-ng
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Transport-XMPP failing to start

    Scheduled Pinned Locked Moved Solved Advanced features
    22 Posts 5 Posters 5.0k Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • julien-fJ Offline
      julien-f Vates 🪐 Co-Founder XO Team @julien-f
      last edited by

      @techiem2 Do you have the ability to test?

      T 1 Reply Last reply Reply Quote 0
      • T Offline
        techiem2 @julien-f
        last edited by

        @julien-f If you can give me instructions on how to update the plugin with the updated version, i'll give it a shot!

        julien-fJ 1 Reply Last reply Reply Quote 0
        • julien-fJ Offline
          julien-f Vates 🪐 Co-Founder XO Team @techiem2
          last edited by

          @techiem2 Sorry, I missed your message.

          Are you using an official XOA or XO built from the sources?

          T 1 Reply Last reply Reply Quote 0
          • T Offline
            techiem2 @julien-f
            last edited by

            @julien-f
            From Source using ronivay's script:
            https://github.com/ronivay/XenOrchestraInstallerUpdater

            julien-fJ 1 Reply Last reply Reply Quote 0
            • julien-fJ Offline
              julien-f Vates 🪐 Co-Founder XO Team @techiem2
              last edited by

              @techiem2 In this case, I cannot tell you how to update a specific plugin or use a specific branch, you can ask for the script maintainer's help or I'll merge the PR without further tests 🙂

              julien-fJ 1 Reply Last reply Reply Quote 0
              • julien-fJ Offline
                julien-f Vates 🪐 Co-Founder XO Team @julien-f
                last edited by

                The fix has been merged in master, let me know if there are more issues.

                T 2 Replies Last reply Reply Quote 0
                • T Offline
                  techiem2 @julien-f
                  last edited by

                  @julien-f
                  Sorry, been a bit busy.
                  I'll update this weekend and see if the new version pulls in.
                  Thanks!

                  1 Reply Last reply Reply Quote 0
                  • T Offline
                    techiem2 @julien-f
                    last edited by

                    @julien-f
                    Ok, so it doesn't fail with the socket error, but now it's saying unable to verify the first certificate:
                    Not sure if this is a plugin issue or something on my end, but normal clients connect fine.
                    I'm using Prosody with a Letsencrypt cert.

                    plugin.load
{
  "id": "transport-xmpp"
}
{
  "code": "UNABLE_TO_VERIFY_LEAF_SIGNATURE",
  "message": "unable to verify the first certificate",
  "name": "Error",
  "stack": "Error: unable to verify the first certificate
    at TLSSocket.onConnectSecure (node:_tls_wrap:1550:34)
    at TLSSocket.emit (node:events:514:28)
    at TLSSocket.patchedEmit [as emit] (/opt/xo/xo-builds/xen-orchestra-202310280240/@xen-orchestra/log/configure.js:52:17)
    at TLSSocket._finishInit (node:_tls_wrap:967:8)
    at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:743:12)
    at TLSWrap.callbackTrampoline (node:internal/async_hooks:130:17)"
}
                    julien-fJ 1 Reply Last reply Reply Quote 0
                    • julien-fJ Offline
                      julien-f Vates 🪐 Co-Founder XO Team @techiem2
                      last edited by

                      @techiem2 Are you sure your server's certificate is correctly configured?

                      Is it self-signed?

                      T 1 Reply Last reply Reply Quote 0
                      • T Offline
                        techiem2 @julien-f
                        last edited by

                        @julien-f As far as I can tell. It's a standard Let's Encrypt cert and it works with normal clients.

                        julien-fJ 1 Reply Last reply Reply Quote 0
                        • julien-fJ Offline
                          julien-f Vates 🪐 Co-Founder XO Team @techiem2
                          last edited by

                          @techiem2 If you can provide me access to your server and your configuration, I might be able to investigate and maybe come up with a fix.

                          T 1 Reply Last reply Reply Quote 0
                          • T Offline
                            techiem2 @julien-f
                            last edited by

                            @julien-f Thanks!
                            Just got you setup and DM'd.
                            Let me know if you need anything else to poke around on. 🙂

                            1 Reply Last reply Reply Quote 0
                            • julien-fJ Offline
                              julien-f Vates 🪐 Co-Founder XO Team
                              last edited by

                              If other people get the UNABLE_TO_VERIFY_LEAF_SIGNATURE error, check that your XMPP server provides the correct certificate chain.

                              You can use OpenSSL for this:

                              $ openssl s_client -connect $domain:$port -starttls xmpp -showcerts </dev/null
CONNECTED(00000003)
depth=0 CN = $domain
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = $domain
verify error:num=21:unable to verify the first certificate
verify return:1
depth=0 CN = $domain
verify return:1
                              1 Reply Last reply Reply Quote 1
                              • olivierlambertO olivierlambert marked this topic as a question on
                              • olivierlambertO olivierlambert has marked this topic as solved on
                              • First post
                                Last post