prosody 0.9 and letsencrypt: no start line


yannick.r...@gmail.com

May 31, 2018, 1:32:31 PM
to Prosody IM Users
Hello

I'm using Prosody 0.9 on Debian 9.
I have an apache2 server with Let's Encrypt certificates for one site, and it works fine for this site.
I would like to use them for my jitsi-meet server: XXXXXX.ddns.net

-> So I directed Prosody to use them, copied them into /etc/prosody/certs and gave them the right permissions (owner: prosody and group: prosody):
# cp /etc/letsencrypt/live/XXXXXX.ddns.net/*.pem  /etc/prosody/certs/
# ls -al /etc/prosody/certs/ |grep pem
-rw-r--r-- 1 prosody prosody 2163 mai   30 22:51 cert.pem
-rw-r--r-- 1 prosody prosody 1647 mai   30 22:51 chain.pem
-rw-r--r-- 1 prosody prosody 3810 mai   30 22:51 fullchain.pem
lrwxrwxrwx 1 root    root      37 mai    7 07:41 localhost.crt -> ../../ssl/certs/ssl-cert-snakeoil.pem
-rw-r--r-- 1 prosody prosody 1704 mai   30 22:51 privkey.pem

-> and I provided the following config under the VirtualHost:
VirtualHost "auth.XXXXXX.ddns.net"
    ssl = {
        key = "/etc/prosody/certs/fullchain.pem";
        certificate = "/etc/prosody/certs/privkey.pem";
    }

-> But when I restart Prosody, I get an error: "SSL/TLS: Failed to load '/etc/prosody/certs/fullchain.pem': Reason: no start line (for auth.XXXXXX.ddns.net)":
# cat /var/log/prosody/prosody.log
(...)
May 31 12:26:40 portmanager     info    Activated service 'https' on [::]:5281, [*]:5281
May 31 12:26:40 XXXXXX.ddns.net:http debug   Serving 'bosh' at https://XXXXXX.ddns.net:5281/http-bind
May 31 12:26:40 hostmanager     debug   Activated host: auth.XXXXXX.ddns.net
May 31 12:26:40 auth.XXXXXX.ddns.net:auth_internal_plain     debug   initializing internal_plain authentication provider for host 'auth.XXXXXX.ddns.net'
May 31 12:26:40 usermanager     debug   host 'auth.XXXXXX.ddns.net' now set to use user provider 'internal_plain'
May 31 12:26:40 certmanager     error   SSL/TLS: Failed to load '/etc/prosody/certs/fullchain.pem': Reason: no start line (for auth.XXXXXX.ddns.net)
May 31 12:26:40 auth.XXXXXX.ddns.net:tls     error   Unable to initialize TLS: error loading private key (no start line)
May 31 12:26:40 certmanager     error   SSL/TLS: Failed to load '/etc/prosody/certs/fullchain.pem': Reason: pem lib (for auth.XXXXXX.ddns.net)
May 31 12:26:40 auth.XXXXXX.ddns.net:tls     error   Unable to initialize TLS: error loading private key (PEM lib)

What is wrong?

Thanks for your help

yannick.r...@gmail.com

May 31, 2018, 2:50:59 PM
to Prosody IM Users
Sorry for my mistake:
I did
VirtualHost "auth.XXXXXX.ddns.net"
    ssl = {
        key = "/etc/prosody/certs/fullchain.pem";
        certificate = "/etc/prosody/certs/privkey.pem";
    }

instead of
VirtualHost "auth.XXXXXX.ddns.net"
    ssl = {
        key = "/etc/prosody/certs/privkey.pem";
        certificate = "/etc/prosody/certs/fullchain.pem";
    }

No more error now.

Sorry again for this post....

Yann
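
The swap resolved in this thread can be caught before restarting Prosody. The shell script below is an added example, not part of the original posts or of Prosody: it reads the PEM BEGIN labels of the two files to tell a private key from a certificate chain (a file holding only CERTIFICATE blocks has no private-key start line, hence "no start line"), and it also flags a key file readable by group or others, as the 0644 privkey.pem in the listing above is. The function names pem_kind and check_tls_pair are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): check the two paths of a Prosody
# ssl = { key = ...; certificate = ...; } block before restarting.

# Classify a file by its PEM "-----BEGIN <label>-----" lines.
# Prints one of: key, cert, mixed, none (also for unreadable files).
pem_kind() {
    labels=$(grep -E '^-----BEGIN [A-Z0-9 ]+-----' "$1" 2>/dev/null) || true
    k=0; c=0
    case "$labels" in *"PRIVATE KEY-----"*) k=1 ;; esac
    case "$labels" in *"BEGIN CERTIFICATE-----"*) c=1 ;; esac
    case "$k$c" in
        10) echo key ;;
        01) echo cert ;;
        11) echo mixed ;;
        *)  echo none ;;
    esac
}

# check_tls_pair KEY_PATH CERT_PATH
# Returns 0 = consistent, 1 = paths swapped, 2 = other mismatch,
# 3 = contents fine but key readable by group or others.
check_tls_pair() {
    key_kind=$(pem_kind "$1")
    cert_kind=$(pem_kind "$2")
    if [ "$key_kind" = cert ] && [ "$cert_kind" = key ]; then
        echo "swapped: key= points at certificates, certificate= at a private key"
        return 1
    fi
    if [ "$key_kind" != key ] || [ "$cert_kind" != cert ]; then
        echo "mismatch: key= is '$key_kind', certificate= is '$cert_kind'"
        return 2
    fi
    # A private key should be readable by the service account only.
    if [ -n "$(find -L "$1" -prune \( -perm -040 -o -perm -004 \))" ]; then
        echo "key is group/world readable; consider chmod 600 $1"
        return 3
    fi
    echo "ok"
}

# Usage: sh check_tls_pair.sh /etc/prosody/certs/privkey.pem /etc/prosody/certs/fullchain.pem
if [ "$#" -eq 2 ]; then
    check_tls_pair "$1" "$2"
fi
```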