Cant join rooms on other servers

[matrixbot]

This issue was originally created by @niwla23 at https://github.com/matrix-org/dendrite/issues/1694.

Background information

• Dendrite version or git SHA: latest
• Monolith or Polylith?: mono
• SQLite3 or Postgres?: postgres
• Running in Docker?: yes
• go version: irrelevant

Description

I get this error when joining a room on another server:

monolith_1  | 2021/01/10 23:12:38 http: TLS handshake error from 172.19.0.1:36220: local error: tls: bad record MAC
monolith_1  | 2021/01/10 23:12:38 http: TLS handshake error from 185.26.156.222:59248: local error: tls: bad record MAC
monolith_1  | time="2021-01-10T23:12:38.208447678Z" level=error msg="federation.LookupRoomAlias failed" func="DirectoryRoom\n\t" file=" [github.com/matrix-org/dendrite/clientapi/routing/directory.go:81]" error="contents=[123 34 101 114 114 99 111 100 101 34 58 34 77 95 85 78 65 85 84 72 79 82 73 90 69 68 34 44 34 101 114 114 111 114 34 58 34 70 97 105 108 101 100 32 116 111 32 102 105 110 100 32 97 110 121 32 107 101 121 32 116 111 32 115 97 116 105 115 102 121 32 86 101 114 105 102 121 74 115 111 110 82 101 113 117 101 115 116 40 115 101 114 118 101 114 61 99 108 111 117 100 115 101 114 118 101 114 46 99 108 105 99 107 44 32 107 101 121 95 105 100 115 61 91 39 101 100 50 53 53 49 57 58 80 97 83 55 51 118 39 93 44 32 109 105 110 95 118 97 108 105 100 61 49 54 49 48 51 50 48 51 53 55 57 51 57 41 34 125] msg=Failed to GET JSON (hostname \"asozialer.club\" path \"/_matrix/federation/v1/query/directory\") code=401 wrapped=M_UNAUTHORIZED: Failed to find any key to satisfy VerifyJsonRequest(server=myserver.click, key_ids=['ed25519:PaS73v'], min_valid=1610320357939)" req.id=jBj3hBZMUQbw req.method=GET req.path="/_matrix/client/r0/directory/room/#theroom:theserver.club"

Steps to reproduce

• install dendrite with this docker-compose:

  version: "3.4"
  services:
  monolith:
  hostname: monolith
  image: matrixdotorg/dendrite-monolith:latest
  command: [
    "--tls-cert=server.crt",
    "--tls-key=server.key"
  ]
  ports:
    - 8008:8008
    - 8448:8448
  volumes:
    - ./config:/etc/dendrite
  depends_on:
    - postgres
  
  postgres:
  hostname: postgres
  image: postgres:11
  restart: always
  volumes:
  #      - ./postgres/create_db.sh:/docker-entrypoint-initdb.d/20-create_db.sh
  # To persist your PostgreSQL databases outside of the Docker image, to 
  # prevent data loss, you will need to add something like this:
    - ./postgres-data:/var/lib/postgresql/data
  environment:
    POSTGRES_PASSWORD: itsasecret
    POSTGRES_USER: dendrite

• join a room on another server
• most likely it is just my dumbness

[matrixbot]

This comment was originally posted by @neilalexander at https://github.com/matrix-org/dendrite/issues/1694#issuecomment-757563359.

Have you used https://federationtester.matrix.org/ to check your deployment?

[matrixbot]

This comment was originally posted by @niwla23 at https://github.com/matrix-org/dendrite/issues/1694#issuecomment-757578080.

I just did and I think I found the problem: I am using caddyserver to reverse proxy from matrix.mydomain.click. so the certificate Is only valid for the subdomain. How could I fix this?

[matrixbot]

This comment was originally posted by @niwla23 at https://github.com/matrix-org/dendrite/issues/1694#issuecomment-757578605.

Will a client also try port 8443? Then I could just run it on the same domain without a proxy