-
Notifications
You must be signed in to change notification settings - Fork 421
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
certificate authentication #2911
Comments
Client connection error |
No supported and enabled SASL Mechanism provided by server. Server announced mechanisms: [SCRAM-SHA-1, PLAIN]. Registered SASL mechanisms with Smack: [SASL Mech: SCRAM-SHA-1-PLUS, Prio: 100, SASL Mech: SCRAM-SHA-1, Prio: 110, SASL Mech: DIGEST-MD5, Prio: 210, SASL Mech: PLAIN, Prio: 410, SASL Mech: X-OAUTH2, Prio: 410, SASL Mech: ANONYMOUS, Prio: 500, SASL Mech: EXTERNAL, Prio: 510]. Enabled SASL mechanisms for this connection: [EXTERNAL]. Blacklisted SASL mechanisms: [SCRAM-SHA-1-PLUS].10 |
@janciesla8818, @NelsonVides, @michalwski: Have you seen this ticket? |
SASL EXTERNAL mechanism is filtered out if client certificate is not provided during TLS handshake |
MongooseIM version: 3.7.0
Installed from: pkg
Erlang/OTP version: (put the version)
Hello everyone,
I am trying to enable authentication with c2s certificate but I am having trouble connecting to the server. I followed this documentation:
https://mongooseim.readthedocs.io/en/3.7.0/authentication-methods/client-certificate/
Password auth works, but certificate auth does not works. I am using Usage example - Gajim and Generate client certificate.
this is my config:
{ 5222, ejabberd_c2s, [
where rootCA.pem is obtained from cat rootCA.crt rootCA.key
{sasl_mechanisms, cyrsasl_external}.
{auth_opts, [
%% Store the plain passwords or hashed for SCRAM:
%% {password_format, scram} % default
%% {password_format, plain}
{password_format, scram}
%% {scram_iterations, 10000} % default
{auth_method, pki}.
server error:
2020-10-15 11:14:24.735 [error] <0.561.0>@cyrsasl:-listmech/1-lc$^0/1-0-:81 Supervisor ejabberd_c2s_sup had child undefined started with {ejabberd_c2s,start_link,undefined} at <0.1578.0> exit with reason no function clause matching cyrsasl:'-listmech/1-lc$^0/1-0-'(cyrsasl_external) line 81 in context child_terminated
Thanks
The text was updated successfully, but these errors were encountered: