Cant seem to use symlink fullchain.pem file with ejabberd


#1

every time i do i either get random badarg or it works but ejabberd clients say the server closed the connection as soon as you connect e.e


#2

The ejabberd documentation suggests that you need to combine certificate(s) and your private key in one pem file:

Create a SSL key (read this tutorial for more information):

openssl req -new -x509 -newkey rsa:1024 -days 3650 -keyout privkey.pem -out server.pem
openssl rsa -in privkey.pem -out privkey.pem
cat privkey.pem >> server.pem
rm privkey.pem

Now edit your ejabberd.cfg file and specify the correct location of your server.pem:
[…]

I don’t think letsencrypt creates such a file for you, so you need to combine fullchain.pem and privkey.pem in a new pem file and reference that new file in your ejabberd config. Don’t forget to automate that step as well if or when you set up auto-renewal. :smile:


#3

That name for that file suggests your reading an old page.
ejabberd on Debian jessie (what i’m using atm) uses ejabberd.yml instead of ejabberd.cfg

Also automating that step would mean that auto-renewal would allow scripts to run when its done. Is this something letsencrypt plans to do?

Also it works BUT i get this

@jsha @eva2000 any chance you guys know if xmpp clients will begin to accept this automatically e.e


#4

unfortunately, no idea myself


#5

well shucks also yay


:stuck_out_tongue: