XCP-ng
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Transport-XMPP failing to start

    Scheduled Pinned Locked Moved Solved Advanced features
    22 Posts 5 Posters 8.6k Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T Offline
      techiem2 @julien-f
      last edited by

      @julien-f
      From Source using ronivay's script:
      https://github.com/ronivay/XenOrchestraInstallerUpdater

      julien-fJ 1 Reply Last reply Reply Quote 0
      • julien-fJ Offline
        julien-f Vates 🪐 Co-Founder XO Team @techiem2
        last edited by

        @techiem2 In this case, I cannot tell you how to update a specific plugin or use a specific branch, you can ask for the script maintainer's help or I'll merge the PR without further tests 🙂

        julien-fJ 1 Reply Last reply Reply Quote 0
        • julien-fJ Offline
          julien-f Vates 🪐 Co-Founder XO Team @julien-f
          last edited by

          The fix has been merged in master, let me know if there are more issues.

          T 2 Replies Last reply Reply Quote 0
          • T Offline
            techiem2 @julien-f
            last edited by

            @julien-f
            Sorry, been a bit busy.
            I'll update this weekend and see if the new version pulls in.
            Thanks!

            1 Reply Last reply Reply Quote 0
            • T Offline
              techiem2 @julien-f
              last edited by

              @julien-f
              Ok, so it doesn't fail with the socket error, but now it's saying unable to verify the first certificate:
              Not sure if this is a plugin issue or something on my end, but normal clients connect fine.
              I'm using Prosody with a Letsencrypt cert.

              plugin.load
{
  "id": "transport-xmpp"
}
{
  "code": "UNABLE_TO_VERIFY_LEAF_SIGNATURE",
  "message": "unable to verify the first certificate",
  "name": "Error",
  "stack": "Error: unable to verify the first certificate
    at TLSSocket.onConnectSecure (node:_tls_wrap:1550:34)
    at TLSSocket.emit (node:events:514:28)
    at TLSSocket.patchedEmit [as emit] (/opt/xo/xo-builds/xen-orchestra-202310280240/@xen-orchestra/log/configure.js:52:17)
    at TLSSocket._finishInit (node:_tls_wrap:967:8)
    at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:743:12)
    at TLSWrap.callbackTrampoline (node:internal/async_hooks:130:17)"
}
              julien-fJ 1 Reply Last reply Reply Quote 0
              • julien-fJ Offline
                julien-f Vates 🪐 Co-Founder XO Team @techiem2
                last edited by

                @techiem2 Are you sure your server's certificate is correctly configured?

                Is it self-signed?

                T 1 Reply Last reply Reply Quote 0
                • T Offline
                  techiem2 @julien-f
                  last edited by

                  @julien-f As far as I can tell. It's a standard Let's Encrypt cert and it works with normal clients.

                  julien-fJ 1 Reply Last reply Reply Quote 0
                  • julien-fJ Offline
                    julien-f Vates 🪐 Co-Founder XO Team @techiem2
                    last edited by

                    @techiem2 If you can provide me access to your server and your configuration, I might be able to investigate and maybe come up with a fix.

                    T 1 Reply Last reply Reply Quote 0
                    • T Offline
                      techiem2 @julien-f
                      last edited by

                      @julien-f Thanks!
                      Just got you setup and DM'd.
                      Let me know if you need anything else to poke around on. 🙂

                      1 Reply Last reply Reply Quote 0
                      • julien-fJ Offline
                        julien-f Vates 🪐 Co-Founder XO Team
                        last edited by

                        If other people get the UNABLE_TO_VERIFY_LEAF_SIGNATURE error, check that your XMPP server provides the correct certificate chain.

                        You can use OpenSSL for this:

                        $ openssl s_client -connect $domain:$port -starttls xmpp -showcerts </dev/null
CONNECTED(00000003)
depth=0 CN = $domain
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = $domain
verify error:num=21:unable to verify the first certificate
verify return:1
depth=0 CN = $domain
verify return:1
                        1 Reply Last reply Reply Quote 1
                        • olivierlambertO olivierlambert marked this topic as a question on
                        • olivierlambertO olivierlambert has marked this topic as solved on

                        Hello! It looks like you're interested in this conversation, but you don't have an account yet.

                        Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.

                        With your input, this post could be even better 💗

                        Register Login
                        • First post
                          Last post