Home » Forums » ejabberd & XMPP » General Discussion

I can't login Zimbra + Ejabberd

Submitted by evilside on Tue, 2015-03-10 21:32

I am trying to configurate a Ejabberd server using the Zimbra LDAP for auth. The hostname is mail.mydomain.cl but mail server accounts are @mydomain.cl

When try to login Ejabberd show this error:

** State machine <0.373.0> terminating
** Last event in was {xmlstreamelement,
                         {xmlelement,"starttls",
                             [{"xmlns","urn:ietf:params:xml:ns:xmpp-tls"}],
                             []}}
** When State == wait_for_feature_request
**      Data  == {state,{socket_state,gen_tcp,#Port<0.3077>,<0.372.0>},
                        ejabberd_socket,#Ref<0.0.0.9627>,false,"4171833340",
                        {sasl_state,"jabber","mydomain.cl",[],
                                    #Fun<ejabberd_c2s.1.126837140>,
                                    #Fun<ejabberd_c2s.2.57268884>,
                                    #Fun<ejabberd_c2s.3.64018780>,undefined,
                                    undefined},
                        c2s,c2s_shaper,false,true,false,false,
                        [verify_none,{certfile,"/etc/ejabberd/ejabberd.pem"}],
                        false,undefined,[],"mydomain.cl",[],undefined,
                        {0,nil},
                        {0,nil},
                        {0,nil},
                        {0,nil},
                        undefined,undefined,undefined,false,
                        {userlist,none,[],false},
                        unknown,unknown,
                        {{181,72,77,149},33443},
                        []}
** Reason for termination =
** {{badmatch,{error,"SSL_CTX_use_PrivateKey_file failed: error:0906D06C:PEM routines:PEM_read_bio:no start line"}},
    [{ejabberd_socket,starttls,3},
     {ejabberd_c2s,wait_for_feature_request,2},
     {p1_fsm,handle_msg,10},
     {proc_lib,init_p_do_apply,3}]}

I created self signed certificate with this commands:

openssl req -new -key privkey.pem -out server.pem
openssl x509 -req -days 3000 -in server.pem -signkey privkey.pem -out certificate.pem
cat certificate.pem privkey.pem > /etc/ejabberd/ejabberd.pem

There are some the most important lines of my config file:

{acl, admin, {user, "admin", "mydomain.cl"}}.
{hosts, ["mydomain.cl"]}.
{s2s_use_starttls, true}.
{s2s_certfile, "/etc/ejabberd/ejabberd.pem"}.
{auth_method, ldap}.
{ldap_servers, ["mail.mydomain.cl"]}.
{ldap_encrypt, none}.
{ldap_port, 389}.
{ldap_rootdn, "cn=config"}.
{ldap_password, "mypass"}.
{ldap_base, "ou=people,dc=mydomain,dc=cl"}.
{ldap_uids, [{"uid"}]}.
{ldap_filter, "(&(objectClass=zimbraAccount)(zimbraAccountStatus=active)(!(zimbraHideInGal=TRUE)))"}.
‹ mod_roster access rule A quick introduction to ejabberd for GSoC hopefuls ›

It seems your error mean the

Submitted by mremond on Wed, 2015-03-11 09:36.

It seems your error mean the certificate is incorrect and that ejabberd cannot read / find the private key in it: "no start line"

Maybe a few of this page will help you:

Common mistake seems to be "^M" terminated lines for certs generated on Windows.

»
Syndicate content

User login