[ejabberd] ubuntu cripto

Randy Bush randy at psg.com
Mon Apr 18 06:06:14 MSK 2016


so i took the leap.  and i converted to yaml, attached.  but, adium
tells me

    Error: you require encryption but it is not available on this server

psi says
    Server does not support TLS encryption

and the log gives no clue

    2016-04-18 02:44:44.286 [info] <0.470.0>@ejabberd_listener:accept:299 (#Port<0.9573>) Accepted connection ::FFFF:210.138.216.50:60497 -> ::FFFF:147.28.0.6:5280
    2016-04-18 02:44:44.286 [info] <0.538.0>@ejabberd_http:init:157 started: {gen_tcp,#Port<0.9573>}


# egrep -v '(\#|^$)' /etc/ejabberd/ejabberd.yml 
loglevel: 4
log_rotate_size: 10485760
log_rotate_date: ""
log_rotate_count: 1
log_rate_limit: 100
hosts:
  - "localhost"
listen: 
  - 
    port: 5222
    ip: "::"
    module: ejabberd_c2s
    certfile: "/etc/ejabberd/ejabberd.pem"
    starttls_required: true
    starttls: true
    ciphers: "HIGH:!3DES:!aNULL:!SSLv2:@STRENGTH"
    protocol_options:
      - "no_sslv2"
      - "no_sslv3"
    max_stanza_size: 65536
    shaper: c2s_shaper
    access: c2s
    resend_on_timeout: if_offline
  - 
    port: 5269
    ip: "::"
    module: ejabberd_s2s_in
  - 
    port: 5280
    ip: "::"
    module: ejabberd_http
    request_handlers:
      "/websocket": ejabberd_http_ws
    web_admin: true
    http_bind: true
    captcha: true
disable_sasl_mechanisms: "digest-md5"
s2s_use_starttls: required
s2s_certfile: "/etc/ejabberd/ejabberd.pem"
s2s_protocol_options:
   - "no_sslv3"
auth_method: internal
auth_password_format: scram
shaper:
  normal: 1000
  fast: 50000
max_fsm_queue: 1000
acl:
  admin:
     user:
         - "": "localhost"
  local: 
    user_regexp: ""
  loopback:
    ip:
      - "127.0.0.0/8"
access:
  max_user_sessions: 
    all: 10
  max_user_offline_messages: 
    admin: 5000
    all: 100
  local: 
    local: allow
  c2s: 
    blocked: deny
    all: allow
  c2s_shaper: 
    admin: none
    all: normal
  s2s_shaper: 
    all: fast
  announce: 
    admin: allow
  configure: 
    admin: allow
  muc_admin: 
    admin: allow
  muc_create: 
    local: allow
  muc: 
    all: allow
  pubsub_createnode: 
    local: allow
  register: 
    all: allow
  trusted_network: 
    loopback: allow
language: "en"
modules: 
  mod_adhoc: {}
  mod_admin_extra: {}
    access: announce
  mod_caps: {}
  mod_carboncopy: {}
  mod_client_state:
    drop_chat_states: true
    queue_presence: true
  mod_disco:
    server_info:
      modules: all
      name: "abuse-addresses"
      urls: ["mailto:abuse at localhost"]
  mod_echo: {}
  mod_irc:
    default_encoding: "utf-8"
  mod_http_bind:
    max_inactivity: 60
  mod_last: {}
  mod_muc: 
    access: muc
    access_create: muc_create
    access_persistent: muc_create
    access_admin: muc_admin
  mod_muc_admin: {}
  mod_multicast: {}
  mod_offline: 
    access_max_user_messages: max_user_offline_messages
  mod_ping: {}
  mod_pres_counter:
     count: 5
     interval: 60
  mod_privacy: {}
  mod_private: {}
  mod_pubsub: 
    access_createnode: pubsub_createnode
    ignore_pep_from_offline: true
    last_item_cache: false
    plugins: 
      - "flat"
      - "hometree"
  mod_register: 
    captcha_protected: true
    welcome_message: 
      subject: "Welcome!"
      body: |-
        Hi.
        Welcome to this XMPP server.
    ip_access: trusted_network
    access: register
  mod_roster: {}
  mod_shared_roster: {}
  mod_sic: {}
  mod_stats: {}
  mod_time: {}
  mod_vcard: {}
  mod_version: {}
allow_contrib_modules: true


More information about the ejabberd mailing list