Hi,
after spending two days searching for a solution (reading and trying all other related community threads) I am finally trying to ask for help here.
I have sucessfully installed Jitsi on a fresh Ubuntu. Vidoconferencing works like a charm. (Thanks for that
I have followed the “Secure Domain setup” and enable authentication and also enabled anonymous login for guests. I have installed jigasi sucessfully. It connects to my sip server fine.
BUT
Unfortunately I cannot add a phone user by inviting someone from a meeting room. Could someone give me some pointers what I did wrong?
Regarding the error I am getting, I find different descriptions: Certificate error or password error. I have tried everything I could think of to fix it.
Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
My installation:
Fresh ubuntu 20.04.2 LTS
Linux meet.myDomain.de 5.4.0-65-generic #73-Ubuntu SMP Mon Jan 18 17:25:17 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
Automatic install from the handbook.
Java:
openjdk 14.0.2 2020-07-14
OpenJDK Runtime Environment (build 14.0.2+12-Ubuntu-120.04)
OpenJDK 64-Bit Server VM (build 14.0.2+12-Ubuntu-120.04, mixed mode, sharing)
jicofo/stable,now 1.0-692-hf-1 all [installed,automatic]
jitsi-meet-prosody/stable,now 1.0.4628-1 all [installed,automatic]
jitsi-meet-turnserver/stable,now 1.0.4628-1 all [installed,automatic]
jitsi-meet-web-config/stable,now 1.0.4628-1 all [installed,automatic]
jitsi-meet-web/stable,now 1.0.4628-1 all [installed,automatic]
jitsi-meet/stable,now 2.0.5390-3 all [installed]
jitsi-videobridge2/stable,now 2.1-416-g2f43d1b4-1 all [installed,automatic]
What I have checked:
the auth.meet.myDomain.de certificate is in the java keystore
debian:auth.meet.myDomain.de.pem, Feb 21, 2021, trustedCertEntry,
Certificate fingerprint (SHA-256): E0:B7:71:39:0F:5F:C0:09:BA:0C:A5:7E:75:4F:DB:61:97:A7:65:55:6C:0E:FA:75:0B:A5:9B:F5:11:D3:95:D9
the password in
org.jitsi.jigasi.xmpp.acc.PASS
is cleartext and set with
prosodyctl register jigasi meet.myDomain.de mySecret
prosodyctl register jigasi auth.meet.myDomain.de mySecret
I can create a new room with the user jigasi and the password set.
I have tried
net.java.sip.communicator.service.gui.ALWAYS_TRUST_MODE_ENABLED=true
true and false
I really would appreciate any any help. Thanks.
Stefan
jicofo/sip-communicator.properties
org.jitsi.jicofo.BRIDGE_MUC=JvbBrewery@internal.auth.meet.myDomain.de
org.jitsi.jicofo.auth.URL=XMPP:meet.myDomain.de
jigasi/sip-communicator.properties
org.jitsi.jigasi.MUC_SERVICE_ADDRESS=conference.meet.myDomain.de
net.java.sip.communicator.impl.protocol.SingleCallInProgressPolicy.enabled=false
net.java.sip.communicator.impl.neomedia.codec.audio.opus.encoder.COMPLEXITY=10
net.java.sip.communicator.packetlogging.PACKET_LOGGING_ENABLED=false
net.java.sip.communicator.impl.protocol.sip.acc1403273890647=acc1403273890647myDomain.de
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.ACCOUNT_UID=SIP\:777@pbx.YYY.de
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.PASSWORD=XXX
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.PROTOCOL_NAME=SIP
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.SERVER_ADDRESS=pbx.YYY.de
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.USER_ID=777@pbx.YYY.de
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.KEEP_ALIVE_INTERVAL=25
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.KEEP_ALIVE_METHOD=OPTIONS
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.VOICEMAIL_ENABLED=false
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.Encodings.AMR-WB/16000=750
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.Encodings.G722/8000=700
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.Encodings.GSM/8000=0
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.Encodings.H263-1998/90000=0
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.Encodings.H264/90000=0
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.Encodings.PCMA/8000=600
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.Encodings.PCMU/8000=650
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.Encodings.SILK/12000=0
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.Encodings.SILK/16000=0
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.Encodings.SILK/24000=0
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.Encodings.SILK/8000=0
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.Encodings.VP8/90000=0
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.Encodings.iLBC/8000=10
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.Encodings.opus/48000=1000
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.Encodings.red/90000=0
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.Encodings.speex/16000=0
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.Encodings.speex/32000=0
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.Encodings.speex/8000=0
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.Encodings.telephone-event/8000=1
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.Encodings.ulpfec/90000=0
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.OVERRIDE_ENCODINGS=true
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.DEFAULT_ENCRYPTION=false
net.java.sip.communicator.impl.protocol.sip.acc1403273890647.DOMAIN_BASE=meet.myDomain.de
org.jitsi.jigasi.ALLOWED_JID=JigasiBrewery@internal.auth.meet.myDomain.de
org.jitsi.jigasi.BREWERY_ENABLED=true
org.jitsi.jigasi.xmpp.acc.IS_SERVER_OVERRIDDEN=true
org.jitsi.jigasi.xmpp.acc.SERVER_ADDRESS=127.0.0.1
org.jitsi.jigasi.xmpp.acc.VIDEO_CALLING_DISABLED=true
org.jitsi.jigasi.xmpp.acc.JINGLE_NODES_ENABLED=false
org.jitsi.jigasi.xmpp.acc.AUTO_DISCOVER_STUN=false
org.jitsi.jigasi.xmpp.acc.IM_DISABLED=true
org.jitsi.jigasi.xmpp.acc.SERVER_STORED_INFO_DISABLED=true
org.jitsi.jigasi.xmpp.acc.IS_FILE_TRANSFER_DISABLED=true
org.jitsi.jigasi.xmpp.acc.USER_ID=jigasi@auth.meet.myDomain.de
org.jitsi.jigasi.xmpp.acc.PASS=mySecret
org.jitsi.jigasi.xmpp.acc.ANONYMOUS_AUTH=false
net.java.sip.communicator.service.gui.ALWAYS_TRUST_MODE_ENABLED=true
My jigasi.log:
java.vm.vendor=Private Build
javax.security.auth.useSubjectCredsOnly=false
sun.arch.data.model=64
java.vendor.url=Unknown
user.timezone=Europe/Berlin
java.vm.specification.version=14
os.name=Linux
net.java.sip.communicator.impl.protocol.jabber.DISABLE_COIN=true
net.java.sip.communicator.service.media.MAX_PORT_NUMBER=20000
sun.java.launcher=SUN_STANDARD
user.country=US
sun.boot.library.path=/usr/lib/jvm/java-14-openjdk-amd64/lib
sun.java.command=org.jitsi.jigasi.Main --host=localhost --domain=meet.myDomain.de --logdir=/var/log/jitsi --configdir=/etc/jitsi --configdirname=jigasi
jdk.debug=release
sun.cpu.endian=little
user.home=/usr/share/jigasi
user.language=en
java.specification.vendor=Oracle Corporation
net.java.sip.communicator.impl.protocol.jabber.SKIP_DISCO_INFO_ON_SESSION_INITIATE=true
net.java.sip.communicator.impl.neomedia.audioSystem=audiosilence
java.version.date=2020-07-14
java.home=/usr/lib/jvm/java-14-openjdk-amd64
net.java.sip.communicator.impl.neomedia.video.maxbandwidth=2147483647
file.separator=/
java.vm.compressedOopsMode=Zero based
line.separator=
java.specification.name=Java Platform API Specification
java.vm.specification.vendor=Oracle Corporation
net.java.sip.communicator.impl.configuration.USE_PROPFILE_CONFIG=true
net.java.sip.communicator.SC_CACHE_DIR_LOCATION=/var/log/jitsi
net.java.sip.communicator.service.media.DISABLE_AUDIO_SUPPORT=false
java.util.logging.config.file=/etc/jitsi/jigasi/logging.properties
sun.management.compiler=HotSpot 64-Bit Tiered Compilers
net.java.sip.communicator.impl.protocol.sip.SKIP_REINVITE_ON_FOCUS_CHANGE_PROP=true
org.jitsi.service.audionotifier.AudioNotifierService=org.jitsi.impl.neomedia.notify.AudioNotifierServiceImpl
java.runtime.version=14.0.2+12-Ubuntu-120.04
user.name=jigasi
path.separator=:
callstats.configurationFile=/etc/jitsi/jigasi/callstats-java-sdk.properties
os.version=5.4.0-65-generic
java.runtime.name=OpenJDK Runtime Environment
net.java.sip.communicator.CONFIGURATION_FILE_IS_READ_ONLY=true
file.encoding=UTF-8
org.jitsi.impl.neomedia.device.PulseAudioSystem.disabled=true
org.jitsi.impl.neomedia.transform.csrc.SsrcTransformEngine.dropMutedAudioSourceInReverseTransform=true
java.vm.name=OpenJDK 64-Bit Server VM
net.java.sip.communicator.service.protocol.MIN_MEDIA_PORT_NUMBER=10000
net.java.sip.communicator.service.media.MIN_PORT_NUMBER=10000
net.java.sip.communicator.SC_LOG_DIR_LOCATION=/var/log/jitsi
java.security.auth.login.config=gss.conf
java.vendor.url.bug=Unknown
net.java.sip.communicator.service.media.DISABLE_VIDEO_SUPPORT=true
java.io.tmpdir=/tmp
net.java.sip.communicator.SC_HOME_DIR_NAME=jigasi
net.java.sip.communicator.impl.protocol.jabber.SKIP_RINGING_ON_SESSION_INITIATE=true
java.version=14.0.2
user.dir=/
os.arch=amd64
java.vm.specification.name=Java Virtual Machine Specification
net.java.sip.communicator.service.protocol.MAX_MEDIA_PORT_NUMBER=20000
java.library.path=/usr/share/jigasi/lib
java.vm.info=mixed mode, sharing
java.vendor=Private Build
net.java.sip.communicator.SC_HOME_DIR_LOCATION=/etc/jitsi
java.vm.version=14.0.2+12-Ubuntu-120.04
sun.io.unicode.encoding=UnicodeLittle
java.class.version=58.0
org.jitsi.impl.neomedia.device.PortAudioSystem.disabled=true
…
Only Error during init:
2021-02-22 10:27:50.933 SEVERE: [13] org.jitsi.impl.neomedia.device.DeviceConfiguration.log() Failed to register custom Renderer org.jitsi.impl.neomedia.jmfext.media.renderer.audio.PulseAudioRenderer with JMF.
java.lang.IllegalStateException: audioSystem
at org.jitsi.impl.neomedia.jmfext.media.renderer.audio.PulseAudioRenderer.<init>(PulseAudioRenderer.java:156)
but I guess that is ok?!
When I try to add someone (extension #22) in a room:
2021-02-22 10:27:54.175 INFO: [41] org.jitsi.jigasi.SipGateway.registrationStateChanged().120 REG STATE CHANGE ProtocolProviderServiceSipImpl(SIP:777@pbx.YYY.de) -> RegistrationStateChangeEvent[ oldState=Unregist
ered; newState=RegistrationState=Registering; userRequest=false; reasonCode=-1; reason=null]
2021-02-22 10:27:54.790 INFO: [58] org.jitsi.jigasi.SipGateway.registrationStateChanged().120 REG STATE CHANGE ProtocolProviderServiceSipImpl(SIP:777@pbx.YYY.de) -> RegistrationStateChangeEvent[ oldState=Register
ing; newState=RegistrationState=Registered; userRequest=false; reasonCode=-1; reason=null]
2021-02-22 10:27:54.794 WARNING: [58] org.jitsi.jigasi.health.SipHealthPeriodicChecker.log() No health check started, no HEALTH_CHECK_SIP_URI prop.
2021-02-22 10:27:55.045 INFO: [48] impl.protocol.jabber.ProtocolProviderServiceJabberImpl.authenticated().2423 Authenticated: false
2021-02-22 10:27:55.056 INFO: [48] org.jitsi.jigasi.xmpp.CallControlMucActivator.joinCommonRoom().286 Joining call control room: JigasiBrewery@internal.auth.meet.myDomain.de pps:ProtocolProviderServiceJabberImpl(Ja
bber:jigasi@auth.meet.myDomain.de)
2021-02-22 10:27:55.268 INFO: [65] impl.protocol.jabber.ChatRoomJabberImpl.joined().1323 jigasibrewery@internal.auth.meet.myDomain.de/focus has joined the jigasibrewery@internal.auth.meet.myDomain.de chat room.
2021-02-22 10:28:18.624 INFO: [65] org.jitsi.jigasi.xmpp.CallControl.handleDialIq().195 [ctx=16139860986241448039475] Got dial request fromnumber -> 22 room: testmeeting@conference.meet.myDomain.de
2021-02-22 10:28:18.633 INFO: [65] org.jitsi.jigasi.JvbConference.start().490 [ctx=16139860986241448039475] Starting JVB conference room: testmeeting@conference.meet.myDomain.de
2021-02-22 10:28:18.648 INFO: [65] org.jitsi.jigasi.JvbConference.setXmppProvider().633 [ctx=16139860986241448039475] Using ProtocolProviderServiceJabberImpl(Jabber:38d4fdd1@meet.myDomain.de/38d4fdd1)
2021-02-22 10:28:18.683 INFO: [78] org.igniterealtime.jbosh.BOSHClient.init() Starting with 1 request processors
2021-02-22 10:28:18.836 WARNING: [80] org.jivesoftware.smack.bosh.XMPPBOSHConnection.shutdown() shutdown
java.lang.NullPointerException
at org.igniterealtime.jbosh.BOSHClient.send(BOSHClient.java:494)
...
2021-02-22 10:28:18.837 WARNING: [80] org.jivesoftware.smack.AbstractXMPPConnection.callConnectionClosedOnErrorListener() Connection XMPPBOSHConnection[not-authenticated] (1) closed with error
org.igniterealtime.jbosh.BOSHException: Could not obtain response
at org.igniterealtime.jbosh.ApacheHTTPResponse.awaitResponse(ApacheHTTPResponse.java:251)
at org.igniterealtime.jbosh.ApacheHTTPResponse.getBody(ApacheHTTPResponse.java:192)
...
Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:325)
...
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:439)
at java.base/sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:306)
at java.base/sun.security.validator.Validator.validate(Validator.java:264)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:132)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1324)
... 30 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.base/java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297)
at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:434)
... 35 more
2021-02-22 10:28:18.838 SEVERE: [78] impl.protocol.jabber.ProtocolProviderServiceJabberImpl.connectAndLogin().1003 Failed to connect to XMPP service
org.jivesoftware.smack.SmackException$SecurityRequiredByClientException: SSL/TLS required by client but not supported by server
at org.jivesoftware.smack.AbstractXMPPConnection.connect(AbstractXMPPConnection.java:390)
at net.java.sip.communicator.impl.protocol.jabber.ProtocolProviderServiceJabberImpl.connectAndLogin(ProtocolProviderServiceJabberImpl.java:1309)
at net.java.sip.communicator.impl.protocol.jabber.ProtocolProviderServiceJabberImpl.connectAndLogin(ProtocolProviderServiceJabberImpl.java:970)
at net.java.sip.communicator.impl.protocol.jabber.ProtocolProviderServiceJabberImpl.initializeConnectAndLogin(ProtocolProviderServiceJabberImpl.java:795)
at net.java.sip.communicator.impl.protocol.jabber.ProtocolProviderServiceJabberImpl.register(ProtocolProviderServiceJabberImpl.java:500)
at org.jitsi.jigasi.util.RegisterThread.run(RegisterThread.java:59)
2021-02-22 10:28:18.839 SEVERE: [78] org.jitsi.jigasi.JvbConference.registrationStateChanged().688 [ctx=16139860986241448039475] XMPP Connection failed.
2021-02-22 10:28:18.839 WARNING: [78] org.jitsi.jigasi.JvbConference.leaveConferenceRoom().1115 [ctx=16139860986241448039475] MUC room is null
2021-02-22 10:28:23.649 SEVERE: [65] org.jitsi.jigasi.xmpp.CallControlMucActivator.processIQ().589 Error processing RayoIq
java.lang.Exception: Fail to join muc!
at org.jitsi.jigasi.xmpp.CallControlMucActivator$WaitToJoinRoom.waitToJoinRoom(CallControlMucActivator.java:688)
at org.jitsi.jigasi.xmpp.CallControlMucActivator$DialIqHandler.setDialResponseAndRegisterHangUpHandler(CallControlMucActivator.java:621)
at org.jitsi.jigasi.xmpp.CallControlMucActivator$DialIqHandler.processIQ(CallControlMucActivator.java:578)
at org.jitsi.jigasi.xmpp.CallControlMucActivator$DialIqHandler.processIQ(CallControlMucActivator.java:556)
at org.jitsi.jigasi.xmpp.CallControlMucActivator$RayoIqHandler.handleIQRequest(CallControlMucActivator.java:741)
at org.jivesoftware.smack.AbstractXMPPConnection$4.run(AbstractXMPPConnection.java:1188)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630)
at java.base/java.lang.Thread.run(Thread.java:832)
2021-02-22 10:28:35.926 INFO: [65] impl.protocol.jabber.ChatRoomJabberImpl.left().1367 jigasibrewery@internal.auth.meet.myDomain.de/focus has left the jigasibrewery@internal.auth.meet.myDomain.de chat room.
2021-02-22 10:28:35.928 WARNING: [53] org.jivesoftware.smack.AbstractXMPPConnection.callConnectionClosedOnErrorListe