I am new to ejabberd. I have installed it on OpenSUSE 42.2, and get error messages which seem to prevent users from accessing the server via xmpp. I can access the admin console though.
11:52:03.765 [error] CRASH REPORT Process <0.637.0> with 0 neighbours exited with reason: no match of right hand value {error,<<"SSL_CTX_use_PrivateKey_file failed: error:0906D06C:PEM routines:PEM_read_bio:no start line">>} in ejabberd_socket:starttls/3 line 153 in p1_fsm:terminate/8 line 760
I do have TLS turned on, but not required. The authentication type is internal.
What am I doing wrong?
If I comment out the
If I comment out the lines
## certfile: "/etc/ejabberd/certs/cert.pem"
## starttls: true
it works. But I really need TLS.
2017-06-16 13:38:11.311 [error] <0.596.0> CRASH REPORT Process <0.596.0> with 0 neighbours exited with reason: no match of right hand value {error,<<"SSL_CTX_use_PrivateKey_file failed: error:0906D06C:PEM routines:PEM_read_bio:no start line">>} in ejabberd_socket:starttls/3 line 153 in p1_fsm:terminate/8 line 760
How does ejabber know where the private file is located?
You need to have both the
You need to have both the private key and certificate in the same file.
So "cat privkey.pem cert.pem > /etc/ejabberd/certs/ejabberd.pem"
Yes, I figured that out. But
Yes, I figured that out. But the documentation for that is wrong:
certfile: Path: Full path to a file containing the default SSL certificate. To define a certificate file specific for a given domain, use the global option domain_certfile.
it says nothing about the file containing the key! This wasted 1/2 day for me.