Open chrisatta opened 4 years ago
Client connection error SmackException: No supported and enabled SASL Mechanism provided by server: Server annunced mechanisms: []
No supported and enabled SASL Mechanism provided by server. Server announced mechanisms: [SCRAM-SHA-1, PLAIN]. Registered SASL mechanisms with Smack: [SASL Mech: SCRAM-SHA-1-PLUS, Prio: 100, SASL Mech: SCRAM-SHA-1, Prio: 110, SASL Mech: DIGEST-MD5, Prio: 210, SASL Mech: PLAIN, Prio: 410, SASL Mech: X-OAUTH2, Prio: 410, SASL Mech: ANONYMOUS, Prio: 500, SASL Mech: EXTERNAL, Prio: 510]. Enabled SASL mechanisms for this connection: [EXTERNAL]. Blacklisted SASL mechanisms: [SCRAM-SHA-1-PLUS].10
@janciesla8818, @NelsonVides, @michalwski: Have you seen this ticket?
SASL EXTERNAL mechanism is filtered out if client certificate is not provided during TLS handshake
MongooseIM version: 3.7.0 Installed from: pkg Erlang/OTP version: (put the version)
Hello everyone, I am trying to enable authentication with c2s certificate but I am having trouble connecting to the server. I followed this documentation: https://mongooseim.readthedocs.io/en/3.7.0/authentication-methods/client-certificate/ Password auth works, but certificate auth does not works. I am using Usage example - Gajim and Generate client certificate.
this is my config:
{ 5222, ejabberd_c2s, [
where rootCA.pem is obtained from cat rootCA.crt rootCA.key
{sasl_mechanisms, cyrsasl_external}.
{auth_opts, [ %% Store the plain passwords or hashed for SCRAM: %% {password_format, scram} % default %% {password_format, plain} {password_format, scram} %% {scram_iterations, 10000} % default
{auth_method, pki}.
server error: 2020-10-15 11:14:24.735 [error] <0.561.0>@cyrsasl:-listmech/1-lc$^0/1-0-:81 Supervisor ejabberd_c2s_sup had child undefined started with {ejabberd_c2s,start_link,undefined} at <0.1578.0> exit with reason no function clause matching cyrsasl:'-listmech/1-lc$^0/1-0-'(cyrsasl_external) line 81 in context child_terminated
Thanks