Hello, I am trying to get my own server up and running but have encountered an issue with certificates in #Prosody. I am a newbie, so I’m not sure anyone wants to take the time to help, but can’t hurt to ask.
smooth_ophas left
smooth_ophas joined
hshdhdhchas left
william.chatnerhas left
hotaruhas left
hotaruhas joined
tbm16has left
tbm16has joined
undefinedhas left
wurstsalathas left
smooth_op
YHL: what sort of issue?
undefinedhas joined
YHL
Let me get a screenshot
tbm16has left
smooth_ophas left
jzmartinhas left
smooth_ophas joined
jzmartinhas joined
YHL
Here are the errors:
certmanager: SSL/TLS: Failed to load '/etc/letsencrypt/live/my.site/privkey.pem': Check that the file exists and the pe>
my.site:tls: Error creating context for c2s: error loading private key ((null))
certmanager: SSL/TLS: Failed to load '/etc/letsencrypt/live/my.site/privkey.pem': Previous error (see logs), or other s>
my.site:tls: Error creating contexts for s2sout: error loading private key (system lib)
certmanager: SSL/TLS: Failed to load '/etc/letsencrypt/live/my.site/privkey.pem': Previous error (see logs), or other s>
my.site:tls: Error creating contexts for s2sin: error loading private key (system lib)
tbm16has joined
YHL
FYI, I have this command and replay:
prosodyctl --root cert import /etc/letsencrypt/live/my.site
No certificate for host localhost found :
Imported certificate and key for hosts my.site
smooth_op
YHL: try the prosodyctl without "/my.site"
oshnhas joined
oshnhas left
smooth_op
based on https://prosody.im/doc/letsencrypt#certbot
oshnhas joined
oshnhas left
oshnhas joined
Menel
YHL: there is a prosody room for prosody question xmpp:prosody@conference.prosody.im?join
Seeing your first posted error, I assume you declare the certificate path in the config somewhere.
You should delete that line. You already successfully imported your certs with the importer command.
Menel
> Imported certificate and key for hosts my.site
With that, there is no need for anything in your prosody config. It will just work.
So no
`ssl =` line. No `certificate=` line or anything.
tbm16has left
tbm16has joined
smooth_op
ah right, prosody config shouldn't be trying to look in /etc/letsencrypt
smooth_op
because only root has access to /etc/letsencrypt and prosody runs as an unprivileged user
ZeoZ olikishas left
oshnhas left
smooth_op
the prosodyctl import command will use root access to copy the certs from /etc/letsencrypt into /etc/prosody/certs, where it will be accessible to the prosody daemon
Menel
Sadly many people copy some random prosody config from some random website, over the sensible defaults of the shipped config. Often with very outdated config options...
raverhas left
oshnhas joined
dominionhas left
Marandahas left
redflaghas left
bkilhas left
scilenshas left
Mjolnir Archonhas left
RoseBytehas left
Maranda[x]has left
smooth_op
sure, that's a possibility
smooth_op
i can also imagine initially pointing the prosody config to /etc/letsencrypt since that's where the certs are, observing permissions issue, then discovering prosodyctl cert import, but forgetting that cert path had been updated
smooth_op
in any event, hope this has fixed the issue for you YHL!
schäfchen726has left
jchas left
bookadouhas left
ZeoZ olikishas joined
kuba_has left
Menel
I had it like that for a long time too...
Add all services to a "cert" group and have the certs and the path to the certs readable by the cert group... Works too of course.
Calvinhas joined
Calvinhas left
Calvinhas joined
Calvinhas left
Menel
YHL: if you have any more problems or questions, don't hesitate to ask in the Prosody room xmpp://prosody@conference.prosody.im?join
There should be someone around to help with the setup. Even better in the European morning...
balabol.imhas left
balabol.imhas joined
John has left
acidsyshas joined
Chris Machas left
Chris Machas joined
homebeachhas left
homebeachhas joined
balabol.imhas left
quantumwingshas left
Menelhas left
balabol.imhas joined
smooth_ophas left
quantumwingshas joined
homebeachhas left
homebeachhas joined
jzmartinhas left
jzmartinhas joined
balabol.imhas left
djorzhas left
djorzhas joined
balabol.imhas joined
djorzhas left
Chris Machas left
Chris Machas joined
jackhas left
patascahas left
patascahas joined
inkyhas left
patascahas left
patascahas joined
djorzhas joined
xsohas left
Maranda[x]has joined
xsohas joined
Friendly Resident Cynichas left
jackhas joined
homebeachhas left
homebeachhas joined
kuba_has joined
kusonekohas left
gooyahas left
kusonekohas joined
scilenshas joined
redflaghas joined
balabol.imhas left
bkilhas joined
RoseBytehas joined
Friendly Resident Cynichas joined
djorzhas left
catchyhas joined
ernst.on.tourhas left
Mjolnir Archonhas joined
[czar]has left
[czar]has joined
ernst.on.tourhas joined
Marandahas joined
[czar]has left
[czar]has joined
jgarthas left
raverhas joined
Chris Machas left
zhoskahas left
Chris Machas joined
raverhas left
belonghas left
belonghas joined
ernst.on.tourhas left
balabol.imhas joined
marc0shas left
marc0shas joined
podhas joined
dryanhas joined
dryanhas left
Trunghas joined
raverhas joined
Menelhas joined
greyhas left
greyhas joined
ernst.on.tourhas joined
mimi89999has left
mimi89999has joined
greyhas left
greyhas joined
jackhas left
jackhas joined
[czar]has left
homebeachhas left
homebeachhas joined
[czar]has joined
miruxhas joined
waelhas joined
[czar]has left
[czar]has joined
[czar]has left
[czar]has joined
karimhas left
karimhas joined
karimhas left
karimhas joined
xsohas left
xsohas joined
ibikkhas joined
allbombsonhas left
allbombsonhas joined
tbm16has left
writer77has joined
raghavgururajanhas joined
dora71has joined
Chris Machas left
Chris Machas joined
jakobhas left
jakobhas joined
barlashas left
barlashas joined
msavoritiashas joined
*IM*has joined
resolihas joined
albertohas joined
Chris Machas left
Chris Machas joined
jajhas left
jajhas joined
jchas joined
marevalohas left
marevalohas joined
karimhas left
karimhas joined
Link Mauve
YHL, no double shash in XMPP URIs, you meant xmpp:prosody@conference.prosody.im?join fyi. :)
schäfchen726has joined
froghas joined
undefinedhas left
dominionhas joined
Licaon_Kter
Works in Conversations. Not in specs?
YHLhas left
Chris Machas left
Chris Machas joined
Link Mauve
Licaon_Kter, the double slash can be interpreted as “please authenticate as user prosody on server conference.prosody.im”, which makes exactly no sense.
Link Mauve
If a client interprets that otherwise, it should probably get fixed.
Licaon_Kter
Link Mauve: link to spec?
Licaon_Kter
I never heard of that before, interesting
MattJ
Licaon_Kter [08:35]:
> Link Mauve: link to spec?
I advise against entering this rabbit hole if you value your weekend 🙂
Heh, must've been mussle memory.
But now that I think of it, It should be ok that it works.
Because, no, a client not interpret it as
> register user prosody on server conference.prosody.im”,
Because it is xmpp:// not https://
So why would a client think that?✎
Menel
Heh, must've been mussle memory.
But now that I think of it, It should be ok that it works.
Because, no, a client should not interpret it as
> register user prosody on server conference.prosody.im”,
Because it is xmpp:// not https://
So why would a client think that? ✏
wurstsalathas joined
MattJ
It means the same thing, just a different protocol
Licaon_Kter
Menel: see RFC 3986 section 3
Licaon_Kter
If it's https or ftp or xmpp they have to behave the same "generic URI whatever"
Ge0rGhas left
Menel
Ok, I must admit, I don't get what
> Authority
Means in this content, I see it as something to do with //
But I'm after a night shift, so maybe I can understand it in thr evening
Ge0rGhas joined
schäfchen726has left
schäfchen726has joined
marc0shas left
marc0shas joined
andrey.utkinhas left
marc0shas left
marc0shas joined
schäfchen726has left
schäfchen726has joined
marc0shas left
marc0shas joined
jchas left
jchas joined
jajhas left
jajhas joined
hotaruhas left
hotaruhas joined
marc0shas left
marc0shas joined
schäfchen726has left
schäfchen726has joined
andrey.utkinhas joined
dora71has left
huxxerhas joined
dora71has joined
J Bombhas joined
J Bombhas left
*IM*has left
homebeachhas left
homebeachhas joined
Chris Machas left
resolihas left
Marandahas left
redflaghas left
bkilhas left
scilenshas left
Mjolnir Archonhas left
RoseBytehas left
Menelhas left
Chris Machas joined
Menelhas joined
jajhas left
antranigvhas left
redflaghas joined
scilenshas joined
bkilhas joined
Mario Sabatinohas joined
RoseBytehas joined
jajhas joined
antranigvhas joined
antranigvhas left
earthlinghas left
earthlinghas joined
antranigvhas joined
antranigvhas left
p42ityhas joined
jgarthas joined
p42ityhas left
dora71has left
dora71has joined
resolihas joined
Mjolnir Archonhas joined
Marandahas joined
ZeoZ olikishas left
ZeoZ olikishas joined
carloshas left
inkyhas joined
Menelhas left
dora71has left
dora71has joined
antranigvhas joined
earthlinghas left
earthlinghas joined
Sirrdghas left
Sirrdghas joined
karmehas left
karmehas joined
resolihas left
resolihas joined
djorzhas joined
p42ityhas joined
p42ityhas left
sonnyhas left
resolihas left
resolihas joined
sonnyhas joined
carloshas joined
ZeoZ olikishas left
papatutuwawahas joined
ZeoZ olikishas joined
ijhas left
ijhas joined
undefinedhas left
huxxerhas left
huxxerhas joined
resolihas left
karmehas left
undefinedhas joined
gooyahas joined
dora71has left
John has joined
dora71has joined
schäfchen726has left
schäfchen726has joined
nicocohas joined
Arnehas left
*IM*has joined
[czar]has left
riau.snihas left
abdullahhas joined
riau.snihas joined
heartyhas left
heartyhas joined
djorzhas left
resolihas joined
xsohas left
abdullahhas left
xsohas joined
resolihas left
John has left
John has joined
abdullahhas joined
abdullahhas left
abdullahhas joined
jajhas left
djorzhas joined
ukrhas joined
abdullahhas left
marc0shas left
marc0shas joined
riau.snihas left
riau.snihas joined
jgarthas left
jgarthas joined
riau.snihas left
riau.snihas joined
riau.snihas left
djorzhas left
djorzhas joined
riau.snihas joined
resolihas joined
abdullahhas joined
resolihas left
YHLhas joined
jajhas joined
inkyhas left
karimhas left
dora71has left
dora71has joined
dora71has left
dora71has joined
dominionhas left
antranigvhas left
abdullahhas left
abdullahhas joined
dora71has left
dora71has joined
resolihas joined
abdullahhas left
abdullahhas joined
dominionhas joined
xsohas left
antranigvhas joined
antranigvhas left
antranigvhas joined
xsohas joined
kbt100has left
kbt100has joined
resolihas left
antranigvhas left
abdullahhas left
resolihas joined
abdullahhas joined
Menelhas joined
marc0shas left
marc0shas joined
Chris Machas left
Chris Machas joined
ijhas left
antranigvhas joined
ijhas joined
antranigvhas left
abdullahhas left
Chris Machas left
Chris Machas joined
hotaruhas left
hotaruhas joined
*IM*has left
*IM*has joined
xsohas left
antranigvhas joined
antranigvhas left
Chris Machas left
xsohas joined
Arnehas joined
Chris Machas joined
antranigvhas joined
antranigvhas left
antranigvhas joined
antranigvhas left
Chris Machas left
Chris Machas joined
william.chatnerhas joined
marc0shas left
marc0shas joined
abdullahhas joined
abdullahhas left
Maranda[x]has left
karimhas joined
dora71has left
Arnehas left
*IM*has left
resolihas left
jajhas left
jajhas joined
drsn
Are there any public xmpp server out there that provide post http service (e. g. sending xmpp messages via curl)?
I want to know this because I want to provide 2fa for nextcloud authentication via xmpp. That would be the easiest way to implement.
ukrhas left
ijhas left
Maranda[x]has joined
balabol.imhas left
balabol.imhas joined
wladmishas left
wladmishas joined
Trunghas left
Trunghas joined
resolihas joined
Calvinhas joined
Calvinhas left
MattJ
Hmm, there was a service but it seems to be offline
*IM*has joined
MattJtries to remember who was building that
schäfchen726has left
schäfchen726has joined
schäfchen726has left
schäfchen726has joined
schäfchen726has left
resolihas left
schäfchen726has joined
resolihas joined
ijhas joined
Arnehas joined
marc0shas left
marc0shas joined
resolihas left
jajhas left
Menelhas left
Calvinhas joined
Calvinhas left
Menelhas joined
marc0shas left
marc0shas joined
papatutuwawahas left
karmehas joined
schäfchen726has left
dominionhas left
schäfchen726has joined
timothyhas left
timothyhas joined
xsohas left
BlackyCatshas left
moparisthebesthas left
xsohas joined
jajhas joined
heartyhas left
dominionhas joined
timothyhas left
timothyhas joined
Ingolfhas left
Ingolfhas joined
mxhas left
heartyhas joined
mxhas joined
balabol.imhas left
balabol.imhas joined
schäfchen726has left
schäfchen726has joined
jgarthas left
homebeachhas left
homebeachhas joined
djorzhas left
ukrhas joined
Ingolfhas left
Ingolfhas joined
schäfchen726has left
schäfchen726has joined
balabol.imhas left
schäfchen726has left
schäfchen726has joined
moparisthebesthas joined
xsohas left
xsohas joined
schäfchen726has left
schäfchen726has joined
balabol.imhas joined
jgarthas joined
antranigvhas joined
froghas left
antranigvhas left
schäfchen726has left
schäfchen726has joined
antranigvhas joined
ukrhas left
antranigvhas left
balabol.imhas left
antranigvhas joined
antranigvhas left
balabol.imhas joined
Arnehas left
papatutuwawahas joined
schäfchen726has left
schäfchen726has joined
schäfchen726has left
schäfchen726has joined
allbombsonhas left
allbombsonhas joined
kuba_has left
belonghas left
belonghas joined
schäfchen726has left
schäfchen726has joined
Arnehas joined
Menelhas left
antranigvhas joined
Menelhas joined
jgarthas left
antranigvhas left
catchyhas left
froghas joined
catchyhas joined
drsnhas left
drsnhas joined
antranigvhas joined
drsnhas left
drsnhas joined
drsnhas left
drsnhas joined
antranigvhas left
abdullahhas joined
inkyhas joined
jajhas left
jajhas joined
jgarthas joined
drsnhas left
abdullahhas left
drsnhas joined
abdullahhas joined
Chris Machas left
Chris Machas joined
marc0shas left
marc0shas joined
djorzhas joined
abdullahhas left
resolihas joined
Menelhas left
Menelhas joined
jonas’
grep for the url in your jdev logs
jonas’
the person announced it there I think
YHLhas left
sonnyhas left
Trunghas left
sonnyhas joined
antranigvhas joined
antranigvhas left
antranigvhas joined
antranigvhas left
antranigvhas joined
kuba_has joined
jzmartinhas left
karimhas left
karimhas joined
homebeachhas left
homebeachhas joined
resolihas left
jgarthas left
jzmartinhas joined
beanhas joined
YHLhas joined
jzmartinhas left
jzmartinhas joined
antranigvhas left
tbm16has joined
antranigvhas joined
antranigvhas left
djorzhas left
Steven Roosehas left
Steven Roosehas joined
antranigvhas joined
mjkhas left
yerayhas joined
djorzhas joined
ijhas left
ijhas joined
raghavgururajanhas left
mjkhas joined
albertohas left
albertohas joined
andrey.utkinhas left
andrey.utkinhas joined
jgarthas joined
heartyhas left
heartyhas joined
jchas left
jchas joined
Chris Machas left
tbm16has left
Arnehas left
tbm16has joined
antranigvhas left
balabol.imhas left
balabol.imhas joined
marc0shas left
marc0shas joined
antranigvhas joined
marc0shas left
antranigvhas left
marc0shas joined
[czar]has joined
tbm16has left
tbm16has joined
djorzhas left
tbm16has left
marc0shas left
marc0shas joined
tbm16has joined
henrikhas left
marc0shas left
marc0shas joined
nuegia.net
> Are there any public xmpp server out there that provide post http service (e. g. sending xmpp messages via curl)?
> I want to know this because I want to provide 2fa for nextcloud authentication via xmpp. That would be the easiest way to implement.
look at slix sdk and bosh