馃懡 mp0

Returned to my old plans of getting self-hosted xmpp server in my home network. Configured Prosody behind NAT with port forwarding. Got one quite strange bug: clients can connect from outside of home network, but can't connect from home network due to SSL error.

8 months ago

Actions

馃憢 Join Station

6 Replies

馃懡 mp0

Just for history: solved the problem by changing the router to the one which can be flashed with OpenWRT. I have prosody xmpp server now! 路 6 months ago

馃懡 tm85

@mp0 Thanks for the guide. As for your question, you can accomplish the same thing by using the device's IP address as the hostname the cert. For security reasons (internal IP address leakage), you might want to use a separate SSL cert for access from your LAN. 路 8 months ago

馃懡 mp0

@tm85 My setup is based on this manual: https://landchad.net/prosody/ 路 8 months ago

https://landchad.net/prosody/

馃懡 mp0

@tm85 - yes, it looks like some error with passing hostname when connecting from local network. I'm wondering if it possible to setup default hostname for IP connections 路 8 months ago

馃懡 tm85

By the way, could you drop me your prosody conf? I've been pretty unsuccessful in configurikg it myself 路 8 months ago

馃懡 tm85

SSL certs are tied to a hostname. If you're connecting by IP address, whether locla or global, the certificate name check will fail 路 8 months ago