Failed outbound s2s EXTERNAL authentication

atldiy

4/25/24, 3:16 PM

I am trying to set up a locally-hosted ejabberd instance running in docker to use push notifications with monal-im.

I am getting the following error in the log

Failed outbound s2s EXTERNAL authentication chat.[MY DOMAIN].com -> eu.prod.push.monal-im.org (2.59.135.40): Authentication failed: Peer responded with error: unable to verify the first certificate (not-authorized)

I'm not an expert in security certificates, so I must be doing something quite wrong.

I have the following in my ejabberd.yml file:

 certfiles:
        
          - "/etc/letsencrypt/live/localhost/cert1.pem"

        ca_file: "/etc/letsencrypt/live/localhost/ejabberd.pem"
        
 listen
   -   
    port: 5269
    ip: "::"
    module: ejabberd_s2s_in
    max_stanza_size: 524288
    certfile: "/etc/letsencrypt/live/localhost/ejabberd.pem"

This resides in a docker container and port 80 is used by another container so I cannot forward it to this container, so I don't think I can use the acme service. ejaabberd.pem is the private key, certificate, and chain combined. The certificate CN is chat.[MY DOMAIN].com

Everything else seems to work. I just can't get IOS users to get push notifications when their app is sleeping.

Any ideas how to troubleshoot?

0 + 0

ejabberd

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Failed outbound s2s EXTERNAL authentication

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.