Lenwe Posted February 26, 2016 Share Posted February 26, 2016 (edited) HiI can't make my Mumble server to work with a certificate, I keep having this error whenever I try to log with the latest client :<W>2016-02-26 15:35:59.608 1 => <2:(-1)> New connection: xxx.xxx.xxx.xxx:yyyyy <W>2016-02-26 15:35:59.776 1 => <2:(-1)> SSL Error: No certificates could be verified <W>2016-02-26 15:35:59.868 1 => <2:(-1)> Connection closed: [-1] The server is running on Ubuntu 14.04 LTSmurmurd -- 1.2.4-0.2ubuntu1.1I followed this tutorial : https://wiki.mumble.info/wiki/Obtaining_a_StartCom_Murmur_CertificateIt's outdated because it tells "After the certificate is generated the contents of the textarea should be placed in a new file, ssl_mumble.crt." but there is no more textarea when the process is over. Now StartSSL returns a .zip file containing a bunch of certificate files such as root.crt, 1_Intermediate.crt and 2_mydomain.tld.crt so I suppose the right one is the one named after the registered domain.Here is what I did :in /etc/mumble-server.ini :sslCert=ssl_mumble_concat.crt sslKey=mumble.key Then I generated the key:openssl req -nodes -newkey rsa:2048 -nodes -keyout mumble.key -out server_mumble.csrThen, on the StartSSL website :http://i.imgur.com/jCe5aiN.jpgThen I grabbed the file 2_mydomain.tld.crt from OtherServer.zip file and pasted the content in a new ssl_mumble.crt file:wget --no-check-certificate https://www.startssl.com/certs/sub.class1.server.ca.pem cat sub.class1.server.ca.pem > ssl_mumble_concat.crt cat ssl_mumble.crt >> ssl_mumble_concat.crt sudo cp ssl_mumble_concat.crt /etc/ssl_mumble_concat.crt sudo cp mumble.key /etc/mumble.key sudo service mumble-server restart And now I get this error at every connection.Any idea about what's wrong? Edited February 27, 2016 by Lenwe Quote Link to comment Share on other sites More sharing options...
Lenwe Posted February 27, 2016 Author Share Posted February 27, 2016 Finally resolved it.StartSSL provides a domain certificate, an intermediate certificate and a root certificate. The ssl_mumble.crt file is the concatenation of domain + intermediate (there are 2 --+ BEGIN/END CERTIFICATE --- blocks in it).I used the .crt file from the NginxServer.zip file and it worked. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.