Jitsi meet cant conect to AD with LDAP

I need help to connect the meeting with AD servers, I have followed the article on


but jitsi mee not work after create room

What are the console errors you see, start from there?

Thanks for reply.

where should I set ldap?
now I set the ldap in /etc/prosody/conf.d/ldap.cfg.lua
in the prosody artist I found it to be set in /etc/ldap/ldap.conf
I use Ubuntu 16.04 LTS

I have no experience with that, search the forum there were several people that reported it working.

You need to set your ldap configuration in /etc/prosody/conf.avail/ldap.cfg.lua
Do not forget to create a symlink in conf.d because prosody.cfg.lua only includes files coming from “conf.d”.

Just install “ldap2” by doing “apt install prosody-modules” and use it in “ldap.cfg.lua” as authentication (authentication = “ldap2”).

You’ll need setup on AD side too to get service on OpenLDAP.

Check this: https://blogs.msdn.microsoft.com/alextch/2012/04/25/configuring-openldap-pass-through-authentication-to-active-directory/

I’m having the same issue here:

The symptoms described in the first post are similar to mine. Jitsi-meet does not ask for the user’s credentials, the room opens somewhat, but it’s unusable. I’ll try a nightly build, but if that doesn’t change anything I’ll try filing a bug report on github.

Users who have/are successfully authenticating via LDAP, (or “mod_auth_external” or any other prosody module for that matter) would you mind sharing some info such as the jitsi-meet versions you’re using (stable/nightly – which one)?
The main issue I see here is that the jitsi-meet web application does not ask for the user’s credentials, so there’s no way the module/any module will ever be launched.

What do you mean unusable? Maybe sharing the client logs will help.

What do you mean by “client”? I’m using FF as a client as shown here:


I’d be more than happy to show more info if you guide me through.

On the server, logs don’t seem to show much once the room is created.

All browsers have javascript console under a developer menu, open it and see the errors and share it.
When there is a problem this is the first place to look at.

There are no significant errors in the web console. I’ll post the full log if you deem it fit. In the meantime, the following messages caught my eye:

[modules/xmpp/moderator.js] <d.prototype.parseConfigOptions>: Authentication enabled: false
lib-jitsi-meet.min.js:6:248046

[modules/xmpp/moderator.js] <d.prototype.parseConfigOptions>:  External authentication enabled: false
lib-jitsi-meet.min.js:6:248046

I need to check the code to see where these messages come from.
If there are no errors, what is the unusable in the room?

OK, so I’m going to paste everything I have so there’s no mix-up or confusion. I installed jitsi-meet stable builds on a debian system with apache (as well as prosody-modules). Everything is “default” and autoconfigured by the deb packages (I just told it that my machine is meet.mydomain.org and I provided self-signed certificates). So now I’ll just paste my custom files only (ie. the ones I edited manually):

# cat /etc/prosody/conf.d/ldap.cfg.lua
authentication = 'ldap2'

ldap = {
    hostname = '10.215.144.35',
    bind_dn = 'cn=ldapbind,cn=Users,dc=mydomain,dc=org',
    bind_password = 'h07500Man',
    -- use_tls = true,
    user = {
        basedn = 'cn=Users,dc=mydomain,dc=org',
        -- filter = '(objectClass=User)',
        usernamefield = 'sAMAccountName',
        namefield = 'cn',
    },
}

# cat /etc/prosody/conf.d/meet.mydomain.org.cfg.lua

VirtualHost "meet.mydomain.org"
--        authentication = "anonymous"
        authentication = "ldap2"
--        authentication = "external"
--      external_auth_command = "/etc/prosody/conf.d/custom_prosody_auth.sh"
        ssl = {
                key = "/etc/prosody/certs/meet.mydomain.org.key";
                certificate = "/etc/prosody/certs/meet.mydomain.org.crt";
        }
        modules_enabled = {
            "bosh";
            "pubsub";
            "ping"; -- Enable mod_ping
        }

        c2s_require_encryption = false

Component "conference.meet.mydomain.org" "muc"
    storage = "null"
    --modules_enabled = { "token_verification" }
admins = { "focus@auth.meet.mydomain.org" }

Component "jitsi-videobridge.meet.mydomain.org"
    component_secret = "czzEeVRH"

VirtualHost "auth.meet.mydomain.org"
    ssl = {
        key = "/etc/prosody/certs/auth.meet.mydomain.org.key";
        certificate = "/etc/prosody/certs/auth.meet.mydomain.org.crt";
    }
    authentication = "internal_plain"

Component "focus.meet.mydomain.org"
    component_secret = "lqrfPXSD"

When I connect to meet.mydomain.org with Firefox, this is what I get in the client web console AFTER I enter the room name and press enter:

[react/features/analytics/functions.js] <c/</<>:  Error creating analytics handler: Error: Failed to initialize Amplitude handler, no APP key
app.bundle.min.js:60:56163
[react/features/analytics/functions.js] <c/</<>:  Loaded 0 analytics handlers
app.bundle.min.js:60:56163
[react/features/base/storage/PersistenceRegistry.js] <persistState>:  redux state persisted. eda571889093841189fcc2056dfc395b -> 096560b5dc9e3867d3d5236fc1760b43
app.bundle.min.js:60:56163
content youtube
content-youtube.js:1:1
no youtube
content-youtube.js:6:4
content dailymotion
content-dailymotion.js:1:1
no dailymotion
content-dailymotion.js:6:4
content vimeo
content-vimeo.js:1:1
no vimeo
content-vimeo.js:6:4
(TIME) index.html loaded:	 185
testroom:18:9
[modules/browser/BrowserCapabilities.js] <t>:  This appears to be firefox, ver: 60.0
Logger.js:124:12
[react/index.web.js] <>:  (TIME) document ready:	 537
app.bundle.min.js:60:56163
[react/features/base/storage/PersistenceRegistry.js] <getPersistedState>:  redux state rehydrated as 
Object { "features/base/settings": {…}, "features/dropbox": {}, "features/video-layout": {…}, "features/recent-list": (17) […], "features/welcome": {}, "features/base/known-domains": (5) […] }
app.bundle.min.js:60:56163
[modules/UI/videolayout/VideoLayout.js] <changeUserAvatar>:  Missed avatar update - no small video yet for undefined
app.bundle.min.js:60:56163
[react/features/base/media/middleware.js] <>:  Start muted: 
app.bundle.min.js:60:56163
[react/features/base/media/middleware.js] <>:  Start audio only set to false
app.bundle.min.js:60:56163
[react/features/base/conference/middleware.js] <>:  Audio-only disabled
app.bundle.min.js:60:56163
[react/features/analytics/functions.js] <c/</<>:  Error creating analytics handler: Error: Failed to initialize Amplitude handler, no APP key
app.bundle.min.js:60:56163
[react/features/analytics/functions.js] <c/</<>:  Loaded 0 analytics handlers
app.bundle.min.js:60:56163
[react/features/base/devices/actions.js] <c/</</<>:  Failed to set audio output device.
                        Default audio output device will be used instead Error: Audio output device change is not supported
app.bundle.min.js:60:56163
[modules/RTC/RTCUtils.js] <value/<>:  Available devices:  
Array(5) [ MediaDeviceInfo, MediaDeviceInfo, MediaDeviceInfo, MediaDeviceInfo, MediaDeviceInfo ]
Logger.js:124:12
[conference.js] <updateAudioIconEnabled>:  Microphone button enabled: true local audio: null audio devices: [object MediaDeviceInfo],[object MediaDeviceInfo],[object MediaDeviceInfo] device count: 3
app.bundle.min.js:60:56163
[conference.js] <updateVideoIconEnabled>:  Camera button enabled: true local video: null video devices: [object MediaDeviceInfo],[object MediaDeviceInfo] device count: 2
app.bundle.min.js:60:56163
[modules/RTC/RTCUtils.js] <value>:  Using the new gUM flow
Logger.js:124:12
[modules/xmpp/xmpp.js] <value>:  P2P STUN servers:  
Array(3) [ {…}, {…}, {…} ]
Logger.js:124:12
[modules/xmpp/xmpp.js] <value>:  (TIME) Strophe connecting:	 897
Logger.js:124:12
[modules/RTC/RTCUtils.js] <value/i<>:  Got media constraints:  
Object { video: {…}, audio: {…} }
Logger.js:124:12
[modules/xmpp/strophe.util.js] <t.a/i.Strophe.log>:  Strophe: Server did not yet offer a supported authentication mechanism. Sending a blank poll request.
Logger.js:124:12
[react/features/base/storage/PersistenceRegistry.js] <persistState>:  redux state persisted. 096560b5dc9e3867d3d5236fc1760b43 -> 385787135698a16a66d9c30ff0555362
app.bundle.min.js:60:56163
[modules/RTC/RTCUtils.js] <value/</<>:  onUserMediaSuccess
Logger.js:124:12
[modules/RTC/JitsiLocalTrack.js] <value>:  Setting new MSID: {0178137d-8641-4d31-ae1d-e9b14ff792ea} {a862ce47-0242-48d0-a815-356ca5e1cbad} on LocalTrack[undefined,audio]
Logger.js:124:12
[modules/RTC/JitsiLocalTrack.js] <value>:  Setting new MSID: {a386fce1-2ce6-4204-9dc1-bfdb10b13923} {5262fd0d-9ebd-496c-9f36-457a278ca5ae} on LocalTrack[undefined,video]
Logger.js:124:12
[modules/xmpp/strophe.util.js] <t.a/i.Strophe.log>:  Strophe: Server did not yet offer a supported authentication mechanism. Sending a blank poll request.
Logger.js:124:12

Now, despite the fact that I’m in the room, it is “unusable” (maybe a better word would be “unusual/nexpected”) because button clicks don’t apparently fire up anything. In my previous post I erroneously said there were no significant erros, but there are. For instance, right after clicking the red button to leave the room I get this message in the web console:

[JitsiMeetJS.js] <getGlobalOnErrorHandler>:  UnhandledError: TypeError: e is undefined Script: https://meet.mydomain/libs/app.bundle.min.js?v=3387 Line: 60 Column: 228118 StackTrace:  TypeError: e is undefined
Stack trace:
ft/<@https://meet.mydomain/libs/app.bundle.min.js?v=3387:60:228118
r/</</<@https://meet.mydomain/libs/app.bundle.min.js?v=3387:211:78251
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:232:271319
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:24:115808
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:60:77269
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:35:20580
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:35:13080
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:35:9960
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:35:4141
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:232:165309
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:211:72027
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:60:100803
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:24:92999
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:16:95793
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:16:95755
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:60:49243
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:35:29434
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:148:52829
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:60:39431
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:65:50182
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:148:49431
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:35:126777
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:243:52108
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:60:169573
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:243:48550
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:60:228796
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:60:112009
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:232:293235
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:232:289662
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:232:283973
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:60:80162
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:232:282292
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:1:47851
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:1:55878
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:1:54442
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:232:278018
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:60:183499
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:232:276559
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:232:275876
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:16:90768
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:232:274657
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:16:111700
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:1:136933
hangup@https://meet.mydomain/libs/app.bundle.min.js?v=3387:250:95694
s/<@https://meet.mydomain/libs/app.bundle.min.js?v=3387:211:29710
r/</</<@https://meet.mydomain/libs/app.bundle.min.js?v=3387:211:78251
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:232:271319
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:24:115808
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:60:77269
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:35:20580
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:35:13080
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:35:9960
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:35:4141
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:232:165309
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:211:72027
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:60:100803
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:24:92999
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:16:95793
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:16:95755
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:60:49243
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:35:29434
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:148:52829
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:60:39431
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:65:50182
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:148:49431
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:35:126777
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:243:52108
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:60:169573
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:243:48550
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:60:228796
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:60:112009
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:232:293235
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:232:289662
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:232:283973
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:60:80162
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:232:282292
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:1:47851
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:1:55878
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:1:54442
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:232:278018
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:60:183499
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:232:276559
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:232:275876
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:16:90768
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:232:274657
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:16:111700
@https://meet.mydomain/libs/app.bundle.min.js?v=3387:1:136933
_doHangup@https://meet.mydomain/libs/app.bundle.min.js?v=3387:24:74277
_handleClick@https://meet.mydomain/libs/app.bundle.min.js?v=3387:16:105985
_onClick@https://meet.mydomain/libs/app.bundle.min.js?v=3387:16:104517
f/<@https://meet.mydomain/libs/app.bundle.min.js?v=3387:132:879
f@https://meet.mydomain/libs/app.bundle.min.js?v=3387:132:801
S/<@https://meet.mydomain/libs/app.bundle.min.js?v=3387:132:1555
S@https://meet.mydomain/libs/app.bundle.min.js?v=3387:132:1524
A@https://meet.mydomain/libs/app.bundle.min.js?v=3387:132:2059
D@https://meet.mydomain/libs/app.bundle.min.js?v=3387:132:1892
N@https://meet.mydomain/libs/app.bundle.min.js?v=3387:132:2981
En@https://meet.mydomain/libs/app.bundle.min.js?v=3387:132:30345
Ps@https://meet.mydomain/libs/app.bundle.min.js?v=3387:132:98271
Fe@https://meet.mydomain/libs/app.bundle.min.js?v=3387:132:10256
An@https://meet.mydomain/libs/app.bundle.min.js?v=3387:132:30825
Ls/<@https://meet.mydomain/libs/app.bundle.min.js?v=3387:132:98548
t.unstable_runWithPriority@https://meet.mydomain/libs/app.bundle.min.js?v=3387:141:3194
Ls@https://meet.mydomain/libs/app.bundle.min.js?v=3387:132:98471
Cn@https://meet.mydomain/libs/app.bundle.min.js?v=3387:132:30568
 Logger.js:124:12

In any case, as you can see the root cause of all this is the fact that the jitsi-meet web application does not ask the user for his/her credentials.
It might all boil down to the message:
Server did not yet offer a supported authentication mechanism

What is “server” in this case?
Is it prosody? If so, please note that if I use any other xmpp client (like Jitsi Desktop), I can properly connect to prosody and authenticate via ldap.

This is your problem.
Can you add in prosody general section consider_bosh_secure = true and restart it.
https://prosody.im/doc/modules/mod_bosh

I’m afraid I already tried that, but it didn’t change anything.
Here’s EXACTLY what I did:

# grep consider_bosh_secure /etc/prosody/prosody.cfg.lua
consider_bosh_secure = true
# systemctl restart prosody

And here’s what Firefox says:

[react/features/analytics/functions.js] <c/</<>:  Error creating analytics handler: Error: Failed to initialize Amplitude handler, no APP key
app.bundle.min.js:60:56163
[react/features/analytics/functions.js] <c/</<>:  Loaded 0 analytics handlers
app.bundle.min.js:60:56163
[react/features/base/storage/PersistenceRegistry.js] <persistState>:  redux state persisted. fb5a4c9f711dd8ce1c94a0ba3104c135 -> 8a5ef311b9ddb599c4972acd074afa83
app.bundle.min.js:60:56163
content youtube
content-youtube.js:1:1
no youtube
content-youtube.js:6:4
content dailymotion
content-dailymotion.js:1:1
no dailymotion
content-dailymotion.js:6:4
content vimeo
content-vimeo.js:1:1
no vimeo
content-vimeo.js:6:4
(TIME) index.html loaded:	 197
testroom:18:9
[modules/browser/BrowserCapabilities.js] <t>:  This appears to be firefox, ver: 60.0
Logger.js:124:12
[react/index.web.js] <>:  (TIME) document ready:	 559
app.bundle.min.js:60:56163
[react/features/base/storage/PersistenceRegistry.js] <getPersistedState>:  redux state rehydrated as 
Object { "features/base/settings": {…}, "features/dropbox": {}, "features/video-layout": {…}, "features/recent-list": (17) […], "features/welcome": {}, "features/base/known-domains": (5) […] }
app.bundle.min.js:60:56163
[modules/UI/videolayout/VideoLayout.js] <changeUserAvatar>:  Missed avatar update - no small video yet for undefined
app.bundle.min.js:60:56163
[react/features/base/media/middleware.js] <>:  Start muted: 
app.bundle.min.js:60:56163
[react/features/base/media/middleware.js] <>:  Start audio only set to false
app.bundle.min.js:60:56163
[react/features/base/conference/middleware.js] <>:  Audio-only disabled
app.bundle.min.js:60:56163
[react/features/analytics/functions.js] <c/</<>:  Error creating analytics handler: Error: Failed to initialize Amplitude handler, no APP key
app.bundle.min.js:60:56163
[react/features/analytics/functions.js] <c/</<>:  Loaded 0 analytics handlers
app.bundle.min.js:60:56163
[react/features/base/devices/actions.js] <c/</</<>:  Failed to set audio output device.
                        Default audio output device will be used instead Error: Audio output device change is not supported
app.bundle.min.js:60:56163
[modules/RTC/RTCUtils.js] <value/<>:  Available devices:  
Array(5) [ MediaDeviceInfo, MediaDeviceInfo, MediaDeviceInfo, MediaDeviceInfo, MediaDeviceInfo ]
Logger.js:124:12
[conference.js] <updateAudioIconEnabled>:  Microphone button enabled: true local audio: null audio devices: [object MediaDeviceInfo],[object MediaDeviceInfo],[object MediaDeviceInfo] device count: 3
app.bundle.min.js:60:56163
[conference.js] <updateVideoIconEnabled>:  Camera button enabled: true local video: null video devices: [object MediaDeviceInfo],[object MediaDeviceInfo] device count: 2
app.bundle.min.js:60:56163
[modules/RTC/RTCUtils.js] <value>:  Using the new gUM flow
Logger.js:124:12
[modules/xmpp/xmpp.js] <value>:  P2P STUN servers:  
Array(3) [ {…}, {…}, {…} ]
Logger.js:124:12
[modules/xmpp/xmpp.js] <value>:  (TIME) Strophe connecting:	 968
Logger.js:124:12
[modules/RTC/RTCUtils.js] <value/i<>:  Got media constraints:  
Object { video: {…}, audio: {…} }
Logger.js:124:12
[modules/xmpp/strophe.util.js] <t.a/i.Strophe.log>:  Strophe: Server did not yet offer a supported authentication mechanism. Sending a blank poll request.
Logger.js:124:12
[react/features/base/storage/PersistenceRegistry.js] <persistState>:  redux state persisted. 8a5ef311b9ddb599c4972acd074afa83 -> 5af2f554be859a98236704efa203e0ad
app.bundle.min.js:60:56163
[modules/RTC/RTCUtils.js] <value/</<>:  onUserMediaSuccess
Logger.js:124:12
[modules/RTC/JitsiLocalTrack.js] <value>:  Setting new MSID: {d0b681f1-a800-4e0f-9aea-98b24ca0bf7a} {302df142-bd56-44b5-b00c-1201b12c3762} on LocalTrack[undefined,audio]
Logger.js:124:12
[modules/RTC/JitsiLocalTrack.js] <value>:  Setting new MSID: {e960514b-8d84-4d26-97e4-470fb6d3e674} {1fcd81f7-ebdb-485b-a037-602741536542} on LocalTrack[undefined,video]
Logger.js:124:12
[modules/RTC/RTCUtils.js] <n/<>:  list of media devices has changed: 
Array(5) [ MediaDeviceInfo, MediaDeviceInfo, MediaDeviceInfo, MediaDeviceInfo, MediaDeviceInfo ]
Logger.js:124:12

Pressing the red button to leave the room throws the same unhandled error.

Is this in the general part of your config?

Can you try adding there and c2s_require_encryption = false and try again.

No client errors matter till you fix the Strophe: Server did not yet offer a supported authentication mechanism. Sending a blank poll request.

I already have both parameters as you say:

# cat /etc/prosody/prosody.cfg.lua | grep -v '^--' | grep -v ^$
admins = { }
modules_enabled = {
        -- Generally required
                "roster"; -- Allow users to have a roster. Recommended ;)
                "saslauth"; -- Authentication for clients and servers. Recommended if you want to log in.
                "tls"; -- Add support for secure TLS on c2s/s2s connections
                "dialback"; -- s2s dialback support
                "disco"; -- Service discovery
        -- Not essential, but recommended
                "private"; -- Private XML storage (for room bookmarks, etc.)
                "vcard"; -- Allow users to set vCards

        -- These are commented by default as they have a performance impact
                --"privacy"; -- Support privacy lists
                --"compression"; -- Stream compression (Debian: requires lua-zlib module to work)
        -- Nice to have
                "version"; -- Replies to server version requests
                "uptime"; -- Report how long server has been running
                "time"; -- Let others know the time here on this server
                "ping"; -- Replies to XMPP pings with pongs
                "pep"; -- Enables users to publish their mood, activity, playing music and more
                "register"; -- Allow users to register on this server using a client and change passwords
        -- Admin interfaces
                "admin_adhoc"; -- Allows administration via an XMPP client that supports ad-hoc commands
                --"admin_telnet"; -- Opens telnet console interface on localhost port 5582

        -- HTTP modules
                --"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"
                --"http_files"; -- Serve static files from a directory over HTTP
        -- Other specific functionality
                "posix"; -- POSIX functionality, sends server to background, enables syslog, etc.
                --"groups"; -- Shared roster support
                --"announce"; -- Send announcement to all online users
                --"welcome"; -- Welcome users who register accounts
                --"watchregistrations"; -- Alert admins of registrations
                --"motd"; -- Send a message to users when they log in
                --"legacyauth"; -- Legacy authentication. Only used by some old clients and bots.
};
modules_disabled = {
        -- "offline"; -- Store offline messages
        -- "c2s"; -- Handle client connections
        -- "s2s"; -- Handle server-to-server connections
};
allow_registration = false;
daemonize = true;
pidfile = "/var/run/prosody/prosody.pid";
ssl = {
        key = "/etc/prosody/certs/localhost.key";
        certificate = "/etc/prosody/certs/localhost.crt";
}
c2s_require_encryption = false
s2s_secure_auth = false
authentication = "internal_plain"
log = {
        -- Log files (change 'info' to 'debug' for debug logs):
        --info = "/var/log/prosody/prosody.log";
        debug = "/var/log/prosody/prosody.log";
        error = "/var/log/prosody/prosody.err";
        -- Syslog:
        { levels = { "error" }; to = "syslog";  };
}
VirtualHost "example.com"
        enabled = false -- Remove this line to enable this host
        -- Assign this host a certificate for TLS, otherwise it would use the one
        -- set in the global section (if any).
        -- Note that old-style SSL on port 5223 only supports one certificate, and will always
        -- use the global one.
        ssl = {
                key = "/etc/prosody/certs/example.com.key";
                certificate = "/etc/prosody/certs/example.com.crt";
        }
consider_bosh_secure = true
Include "conf.d/*.cfg.lua"

What else can I try/debug?

Can you move this before the virtual host section as it belongs to the general section of the file and try again.

damencho,

You nailed it!
Wow, what a sweat… It’s finally working.

It would be great to have this properly documented (all this hassle for just 1 line). I knew about the consider_bosh_secure parameter, and already placed it in the cfg file, but as I’m not fluent in LUA I wasn’t 100% sure what “general section” meant. I was supposing that if it was at the start of a line and out of a clause then it was “general”. My bad.

Thank you very much for your kind help and patience!

Hi Vieri,

Can you create complete documentation for this issue, i still confused.

Thank you.