https://www.ejabberd.im/forum/28860/error-messages en https://www.ejabberd.im/forum/28860/error-messages#comment-67531 <p>Yes, I figured that out. But the documentation for that is wrong:<br /> <code>certfile: Path: Full path to a file containing the default SSL certificate. To define a certificate file specific for a given domain, use the global option domain_certfile.</code><br /> it says nothing about the file containing the key! This wasted 1/2 day for me.</p> Fri, 16 Jun 2017 18:35:05 +0000 jarome comment 67531 at https://www.ejabberd.im https://www.ejabberd.im/forum/28860/error-messages#comment-67530 <p>You need to have both the private key and certificate in the same file.<br /> So "cat privkey.pem cert.pem &gt; /etc/ejabberd/certs/ejabberd.pem"</p> Fri, 16 Jun 2017 17:55:28 +0000 captainparrot comment 67530 at https://www.ejabberd.im https://www.ejabberd.im/forum/28860/error-messages#comment-67529 <p>If I comment out the lines</p> <div class="codeblock"><code>&nbsp;&nbsp;&nbsp; ## certfile: &quot;/etc/ejabberd/certs/cert.pem&quot;<br />&nbsp;&nbsp;&nbsp; ## starttls: true</code></div> <p>it works. But I really need TLS.</p> <p><code>2017-06-16 13:38:11.311 [error] &lt;0.596.0&gt; CRASH REPORT Process &lt;0.596.0&gt; with 0 neighbours exited with reason: no match of right hand value {error,&lt;&lt;&quot;SSL_CTX_use_PrivateKey_file failed: error:0906D06C:PEM routines:PEM_read_bio:no start line&quot;&gt;&gt;} in ejabberd_socket:starttls/3 line 153 in p1_fsm:terminate/8 line 760</code><br /> How does ejabber know where the private file is located?</p> Fri, 16 Jun 2017 17:49:55 +0000 jarome comment 67529 at https://www.ejabberd.im