Instead of my previous attempt with using my host system to create the Lets Encrypt certificates, I thought it might be actually nicer to automatically create through the new ACME system in Ejabberd.
With the self signed certs it seems to work fine, but I guess I need to un-comment the following line:
- "/etc/letsencrypt/live/xmpp.mydomain.com/*.pem"
for it to look at the right place? Does that work with the Docker image?
If I switch to that and remove the self-signed cert line from the ejabberd.yml my XMPP client does not connect any longer because of an SSL negotiation error.
Any ideas?
The ejabberd.log gives me this:
2018-03-10 18:55:57.473 [warning] <0.512.0>@ejabberd_c2s:process_terminated:290 (tls|<0.512.0>) Failed to secure c2s connection: TLS failed: Failed to find a certi
ficate matching the domain in SNI extension: error:1412E0E2:SSL routines:ssl_parse_clienthello_tlsext:clienthello tlsext
Instead of my previous attempt with using my host system to create the Lets Encrypt certificates, I thought it might be actually nicer to automatically create through the new ACME system in Ejabberd.
With the self signed certs it seems to work fine, but I guess I need to un-comment the following line:
- "/etc/letsencrypt/live/xmpp.mydomain.com/*.pem"for it to look at the right place? Does that work with the Docker image?
If I switch to that and remove the self-signed cert line from the ejabberd.yml my XMPP client does not connect any longer because of an SSL negotiation error.
Any ideas?
The ejabberd.log gives me this: