Ejabberd: failed to decode from DER format

Lukas

10/23/22, 12:25 PM

Environment:

ejabberd version: 20.7 Erlang version: 10.6 OS: Windows Server 2019 Installed from: official binary installer Errors from error.log/crash.log 2021-06-21 07:40:31.041 [critical] <0.105.0>@ejabberd_app:start:71 Failed to start ejabberd application: Invalid value of option listen->4->certfile: Failed to read PEM file 'C:/ProgramData/ejabberd/conf/test.pem': at line 41: failed to decode from DER format

Running [|] = rr(public_key), {ok, _} = application:ensure_all_started(public_key), {ok, Data} = file:read_file("C:/Users/admin/Desktop/test.pem"), [{'PrivateKeyInfo', Der, }|] = public_key:pem_decode(Data), #'PrivateKeyInfo'{privateKey = Key} = public_key:der_decode('PrivateKeyInfo', Der), public_key:der_decode('RSAPrivateKey', Key). gives: ** exception error: no match of right hand side value #'RSAPrivateKey'{ version = 'two-prime', modulus = ... , publicExponent = 65537, privateExponent = ... , prime1 = ... , prime2 = ... , exponent1 = ... , exponent2 = ... , coefficient = ... , otherPrimeInfos = asn1_NOVALUE}

Bug description I cannot get ejabberd to run because of the error mentioned above. With the certificate of a college of mine it is working fine, but I don't know why ejabberd refuses mine.

I use an certificate with a self signed windows certificate authority as my college does, too.

https://github.com/processone/ejabberd/issues/2488 seems like a similar problem, but I am not completely sure. However just with the private key I am able to start the service, but not with the full chain, since the error in line 41 occurs with the start of the public certificate of the server. When using only the private key I of course cannot connect because of:

2021-06-21 08:32:46.742 [error] <0.564.0>@ejabberd_http:init:122 CRASH REPORT Process <0.564.0> with 0 neighbours crashed with reason: no match of right hand value {error,no_certfile} in ejabberd_http:init/3 line 122 2021-06-21 08:32:46.742 [error] <0.526.0>@ejabberd_http:init:122 Supervisor ejabberd_http_sup had child undefined started with {ejabberd_http,start_link,undefined} at <0.564.0> exit with reason no match of right hand value {error,no_certfile} in ejabberd_http:init/3 line 122 in context child_terminated

However with deactivating tls it obviously is able to start.

Thanks for your help, Lukas

Ps.: I posted this issue on GitHub too and had a chat with one guy, but he wasn't able to help me there.

0 + 0

certificate

ejabberd

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Ejabberd: failed to decode from DER format

TH: Ejabberd: ไม่สามารถถอดรหัสจากรูปแบบ DER

RO: Ejabberd: nu s-a putut decoda din formatul DER

RU: Ejabberd: не удалось декодировать из формата DER

VI: Ejabberd: không thể giải mã từ định dạng DER

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.