Problem with 3 and more guests on a meeting

Hi all,
Like some others, my fresh install of a jisti-server cannot accept more than 2 connections on a meeting.
My config runs on debian 10 x64, directly on internet (no NAT behind a box).
Firewall was setup with ufw and tcp ports 80,443,4443 and udp port 10000 are open.

root@jitsix:~# ufw status
Status: active

To Action From


22/tcp ALLOW Anywhere
80/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
4443 ALLOW Anywhere
10000/udp ALLOW Anywhere
22/tcp (v6) ALLOW Anywhere (v6)
80/tcp (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)
4443 (v6) ALLOW Anywhere (v6)
10000/udp (v6) ALLOW Anywhere (v6)

(i have followed thee quick install guide here https://github.com/jitsi/jitsi-meet/blob/master/doc/quick-install.md without doing the advaned conf (no NAT) et without modify /etc/systemd/system.conf
all is working fine for two users but not for 3+.

I have removed openjdk 11 et replaced it with oracle java 8 and set up JAVA_HOME. No changes.

I need some help, we need this server in context of covid-19 to permit people of my team to work at home with a conferencing capability.

thanks for your help

I’m afraid that this problem will not be solve, i saw that at least 6 topics posted today are around this issue : it’s ok for 2, not for 3+ users. Is it a bug. is it a pb version of linux (debian 10), java version, we all are in the black room. since my previous post, i disable ipV6, add udp port 10000:20000 to ufw, purge and reinstall, nothing changes !!!

i will be looking for another solution than jitsi

@doal6472 Can you send me in private message a link to your deployment so I can test?

Yes, You can try it at :

Good luck !

Hi @damencho. I have the same problem in my deployment server. Follow the link:
https://jitsi-teste2.saraivadigital.com.br

Hi all,
I made a completely fresh install on my 1&1 server, following these.steps :

  • reinstalling debian 10u3 x64
  • disabling ipv6
  • installing adoptopen 8 openjdk 1.8.0_242-b08
  • setting up firewall (ufw) enabling tcp 80,443, 4443 and udp 10000
  • installing jitsi following the quick-install guide, apache2 has been configured
  • my server is not behind NAT, so i did nothing of advanced conf
  • no modif of /etc/systemd/system.conf
  • creating letsencrypt certificate
  • starting services
    All is ok for a two users meeting, but when a third user comes, all video and audio are muted, always the same pb. i don’t know what to do now …
    @damencho -> sending you a private message ?

@doal6472 check your jicofo logs, jicofo is not connected to the xmpp server using its user connection(5222), the component one(5347) looks fine

in the jicofo.log

Jicofo 2020-03-30 15:22:55.952 WARNING: [11463] org.jivesoftware.smack.AbstractXMPPConnection.callConnectionClosedOnErrorListener() Connection XMPPTCPConnection[not-authenticated] (0) closed with error
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:316)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1639)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.proceedTLSReceived(XMPPTCPConnection.java:810)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.access$1200(XMPPTCPConnection.java:151)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:1071)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPConnection.java:1000)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:1016)
at java.lang.Thread.run(Thread.java:748)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Caused by java ?

Hum, I haven’t seen this error for a while. Try executing sudo update-ca-certificates -f and then restart jicofo, does it help?

i try (as root) update-ca-certificates -f -v and reboot . it doesn’t help.

root@jitsix:/var/log/jitsi# update-ca-certificates -f -v
Clearing symlinks in /etc/ssl/certs…
done.
Updating certificates in /etc/ssl/certs…
Doing .
link D-TRUST_Root_Class_3_CA_2_EV_2009.pem -> d4dae3dd.0
link Amazon_Root_CA_1.pem -> ce5e74ef.0
link Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem -> 3bde41ac.0
link Certum_Trusted_Network_CA_2.pem -> 40193066.0
link Global_Chambersign_Root_-2008.pem -> 0c4c9b6c.0
link Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.pem -> 7719f463.0
link EE_Certification_Centre_Root_CA.pem -> 128805a3.0
link VeriSign_Class_3_Public_Primary_Certification_Authority
-G4.pem -> 7d0b38bd.0
link LuxTrust_Global_Root_2.pem -> def36a68.0
link COMODO_Certification_Authority.pem -> 40547a79.0
link AC_RAIZ_FNMT-RCM.pem -> cd8c0d63.0
link DigiCert_Assured_ID_Root_CA.pem -> b1159c4c.0
link Buypass_Class_2_Root_CA.pem -> 54657681.0
link Amazon_Root_CA_4.pem -> de6d66f3.0
link Buypass_Class_3_Root_CA.pem -> e8de2f56.0
link thawte_Primary_Root_CA
-G3.pem -> ba89ed3b.0
link ssl-cert-snakeoil.pem -> 0c31d5ce.0
link VeriSign_Universal_Root_Certification_Authority.pem -> c01cdfa2.0
link Staat_der_Nederlanden_Root_CA
-G3.pem -> 5a4d6896.0
link Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem -> 1636090b.0
link GlobalSign_ECC_Root_CA
-R4.pem -> b0e59380.0
link T-TeleSec_GlobalRoot_Class_2.pem -> 1e09d511.0
link TrustCor_RootCert_CA-2.pem -> 3e44d2f7.0
link Hellenic_Academic_and_Research_Institutions_RootCA_2015.pem -> 32888f65.0
link GlobalSign_Root_CA
-R3.pem -> 062cdee6.0
link GeoTrust_Primary_Certification_Authority
-G3.pem -> e2799e36.0
link ePKI_Root_Certification_Authority.pem -> ca6e4ad9.0
link QuoVadis_Root_CA_3_G3.pem -> e18bfb83.0
link ISRG_Root_X1.pem -> 4042bcee.0
link Starfield_Services_Root_Certificate_Authority
-G2.pem -> 09789157.0
link TeliaSonera_Root_CA_v1.pem -> 5cd81ad7.0
link SZAFIR_ROOT_CA2.pem -> fe8a2cd8.0
link Amazon_Root_CA_2.pem -> 6d41d539.0
link Go_Daddy_Root_Certificate_Authority
-G2.pem -> cbf06781.0
link COMODO_ECC_Certification_Authority.pem -> eed8c118.0
link Staat_der_Nederlanden_Root_CA
-G2.pem -> 5c44d531.0
link Trustis_FPS_Root_CA.pem -> d853d49e.0
link Sonera_Class_2_Root_CA.pem -> 9c2e7d30.0
link GeoTrust_Universal_CA_2.pem -> 8867006a.0
link SecureTrust_CA.pem -> f39fc864.0
link Amazon_Root_CA_3.pem -> 8cb5ee0f.0
link Go_Daddy_Class_2_CA.pem -> f081611a.0
link Starfield_Root_Certificate_Authority
-G2.pem -> 4bfab552.0
link QuoVadis_Root_CA_3.pem -> 76faf6c0.0
link GDCA_TrustAUTH_R5_ROOT.pem -> 0f6fa695.0
link OISTE_WISeKey_Global_Root_GA_CA.pem -> b1b8a7f3.0
link Entrust.net_Premium_2048_Secure_Server_CA.pem -> aee5f10d.0
link DigiCert_Global_Root_G3.pem -> dd8e9d41.0
link Cybertrust_Global_Root.pem -> 76cb8f92.0
link SSL.com_EV_Root_Certification_Authority_RSA_R2.pem -> 06dc52d5.0
link DigiCert_Global_Root_G2.pem -> 607986c7.0
link SSL.com_EV_Root_Certification_Authority_ECC.pem -> f0c70a8d.0
link Certplus_Class_2_Primary_CA.pem -> f060240e.0
link GlobalSign_ECC_Root_CA
-R5.pem -> 1d3472b9.0
link GlobalSign_Root_CA
-R2.pem -> 4a6481c9.0
link auth.jitsix.ddns.net.pem -> d64ddec8.0
link Secure_Global_CA.pem -> b66938e9.0
link OISTE_WISeKey_Global_Root_GB_CA.pem -> e73d606e.0
link TrustCor_RootCert_CA-1.pem -> 5d3033c5.0
link COMODO_RSA_Certification_Authority.pem -> d6325660.0
link DigiCert_High_Assurance_EV_Root_CA.pem -> 244b5494.0
link USERTrust_RSA_Certification_Authority.pem -> fc5a8f99.0
link CFCA_EV_ROOT.pem -> 0b1b94ef.0
link OISTE_WISeKey_Global_Root_GC_CA.pem -> 773e07ad.0
link Entrust_Root_Certification_Authority
-EC1.pem -> 106f3e4d.0
link D-TRUST_Root_Class_3_CA_2_2009.pem -> c28a8a30.0
link SwissSign_Gold_CA
-G2.pem -> 4f316efb.0
link thawte_Primary_Root_CA.pem -> 2e4eed3c.0
link Verisign_Class_3_Public_Primary_Certification_Authority
-G3.pem -> c0ff1f52.0
link Atos_TrustedRoot_2011.pem -> e36a6752.0
link Deutsche_Telekom_Root_CA_2.pem -> 812e17de.0
link EC-ACC.pem -> 349f2832.0
link TWCA_Root_Certification_Authority.pem -> b7a5b843.0
link Certigna.pem -> e113c810.0
link DigiCert_Assured_ID_Root_G3.pem -> 7f3d5d1d.0
link ACCVRAIZ1.pem -> a94d09e5.0
link TrustCor_ECA-1.pem -> 7aaf71c0.0
link Actalis_Authentication_Root_CA.pem -> 930ac5d2.0
link NetLock_Arany
=Class_Gold=Főtanúsítvány.pem -> 988a38cb.0
link GeoTrust_Primary_Certification_Authority.pem -> 480720ec.0
link SwissSign_Silver_CA
-G2.pem -> 57bcb2da.0
link QuoVadis_Root_CA_1_G3.pem -> 749e9e03.0
link GlobalSign_Root_CA
-R6.pem -> dc4d6a89.0
link Microsec_e-Szigno_Root_CA_2009.pem -> 8160b96c.0
link DigiCert_Trusted_Root_G4.pem -> 75d1b2ed.0
link SSL.com_Root_Certification_Authority_ECC.pem -> 0bf05006.0
link QuoVadis_Root_CA.pem -> 080911ac.0
link Chambers_of_Commerce_Root
-2008.pem -> c47d9980.0
link AffirmTrust_Commercial.pem -> 2b349938.0
link IdenTrust_Commercial_Root_CA_1.pem -> ef954a4e.0
link QuoVadis_Root_CA_2.pem -> d7e8dc79.0
link GlobalSign_Root_CA.pem -> 5ad8a5d6.0
link SSL.com_Root_Certification_Authority_RSA.pem -> 6fa5da56.0
link AddTrust_External_Root.pem -> 157753a5.0
link Taiwan_GRCA.pem -> 6410666e.0
link Izenpe.com.pem -> cc450945.0
link CA_Disig_Root_R2.pem -> 2ae6433e.0
link Starfield_Class_2_CA.pem -> f387163d.0
link GeoTrust_Global_CA.pem -> 2c543cd1.0
link Entrust_Root_Certification_Authority.pem -> 6b99d060.0
link Certum_Trusted_Network_CA.pem -> 48bec511.0
link E-Tugra_Certification_Authority.pem -> 5273a94c.0
link DST_Root_CA_X3.pem -> 2e5ac55d.0
link SecureSign_RootCA11.pem -> 18856ac4.0
link VeriSign_Class_3_Public_Primary_Certification_Authority
-G5.pem -> b204d74a.0
link TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi
-Surum_1.pem -> ff34af3f.0
link Hongkong_Post_Root_CA_1.pem -> 3e45d192.0
link DigiCert_Assured_ID_Root_G2.pem -> 9d04f354.0
link AffirmTrust_Premium_ECC.pem -> 9c8dfbd4.0
link thawte_Primary_Root_CA
-G2.pem -> c089bbbd.0
link DigiCert_Global_Root_CA.pem -> 3513523f.0
link AffirmTrust_Premium.pem -> b727005e.0
link Security_Communication_RootCA2.pem -> cd58d51e.0
link Baltimore_CyberTrust_Root.pem -> 653b494a.0
link Staat_der_Nederlanden_EV_Root_CA.pem -> 03179a64.0
link Network_Solutions_Certificate_Authority.pem -> 4304c5e5.0
link Security_Communication_Root_CA.pem -> f3377b1b.0
link QuoVadis_Root_CA_2_G3.pem -> 064e0aa9.0
link Certinomis
-Root_CA.pem -> 9f0f5fd6.0
link T-TeleSec_GlobalRoot_Class_3.pem -> 5443e9e3.0
link AffirmTrust_Networking.pem -> 93bc0acc.0
link GeoTrust_Primary_Certification_Authority
-G2.pem -> 116bf586.0
link XRamp_Global_CA_Root.pem -> 706f604c.0
link GeoTrust_Universal_CA.pem -> ad088e1d.0
link USERTrust_ECC_Certification_Authority.pem -> f30dd6ad.0
link Entrust_Root_Certification_Authority
-_G2.pem -> 02265526.0
link Comodo_AAA_Services_root.pem -> ee64a828.0
link TWCA_Global_Root_CA.pem -> 5f15c80c.0
link IdenTrust_Public_Sector_Root_CA_1.pem -> 1e08bfd1.0
link certSIGN_ROOT_CA.pem -> 8d86cdd1.0
129 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d…

Replacing debian:ACCVRAIZ1.pem
Replacing debian:AC_RAIZ_FNMT-RCM.pem
Replacing debian:Actalis_Authentication_Root_CA.pem
Replacing debian:AddTrust_External_Root.pem
Replacing debian:AffirmTrust_Commercial.pem
Replacing debian:AffirmTrust_Networking.pem
Replacing debian:AffirmTrust_Premium.pem
Replacing debian:AffirmTrust_Premium_ECC.pem
Replacing debian:Amazon_Root_CA_1.pem
Replacing debian:Amazon_Root_CA_2.pem
Replacing debian:Amazon_Root_CA_3.pem
Replacing debian:Amazon_Root_CA_4.pem
Replacing debian:Atos_TrustedRoot_2011.pem
Replacing debian:Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem
Replacing debian:Baltimore_CyberTrust_Root.pem
Replacing debian:Buypass_Class_2_Root_CA.pem
Replacing debian:Buypass_Class_3_Root_CA.pem
Replacing debian:CA_Disig_Root_R2.pem
Replacing debian:Certigna.pem
Replacing debian:Certinomis_-Root_CA.pem
Replacing debian:Certplus_Class_2_Primary_CA.pem
Replacing debian:certSIGN_ROOT_CA.pem
Replacing debian:Certum_Trusted_Network_CA_2.pem
Replacing debian:Certum_Trusted_Network_CA.pem
Replacing debian:CFCA_EV_ROOT.pem
Replacing debian:Chambers_of_Commerce_Root
-2008.pem
Replacing debian:Comodo_AAA_Services_root.pem
Replacing debian:COMODO_Certification_Authority.pem
Replacing debian:COMODO_ECC_Certification_Authority.pem
Replacing debian:COMODO_RSA_Certification_Authority.pem
Replacing debian:Cybertrust_Global_Root.pem
Replacing debian:Deutsche_Telekom_Root_CA_2.pem
Replacing debian:DigiCert_Assured_ID_Root_CA.pem
Replacing debian:DigiCert_Assured_ID_Root_G2.pem
Replacing debian:DigiCert_Assured_ID_Root_G3.pem
Replacing debian:DigiCert_Global_Root_CA.pem
Replacing debian:DigiCert_Global_Root_G2.pem
Replacing debian:DigiCert_Global_Root_G3.pem
Replacing debian:DigiCert_High_Assurance_EV_Root_CA.pem
Replacing debian:DigiCert_Trusted_Root_G4.pem
Replacing debian:DST_Root_CA_X3.pem
Replacing debian:D-TRUST_Root_Class_3_CA_2_2009.pem
Replacing debian:D-TRUST_Root_Class_3_CA_2_EV_2009.pem
Replacing debian:EC-ACC.pem
Replacing debian:EE_Certification_Centre_Root_CA.pem
Replacing debian:Entrust.net_Premium_2048_Secure_Server_CA.pem
Replacing debian:Entrust_Root_Certification_Authority.pem
Replacing debian:Entrust_Root_Certification_Authority
-EC1.pem
Replacing debian:Entrust_Root_Certification_Authority
-G2.pem
Replacing debian:ePKI_Root_Certification_Authority.pem
Replacing debian:E-Tugra_Certification_Authority.pem
Replacing debian:GDCA_TrustAUTH_R5_ROOT.pem
Replacing debian:GeoTrust_Global_CA.pem
Replacing debian:GeoTrust_Primary_Certification_Authority.pem
Replacing debian:GeoTrust_Primary_Certification_Authority
-G2.pem
Replacing debian:GeoTrust_Primary_Certification_Authority
-G3.pem
Replacing debian:GeoTrust_Universal_CA_2.pem
Replacing debian:GeoTrust_Universal_CA.pem
Replacing debian:Global_Chambersign_Root
-2008.pem
Replacing debian:GlobalSign_ECC_Root_CA
-R4.pem
Replacing debian:GlobalSign_ECC_Root_CA
-R5.pem
Replacing debian:GlobalSign_Root_CA.pem
Replacing debian:GlobalSign_Root_CA
-R2.pem
Replacing debian:GlobalSign_Root_CA
-R3.pem
Replacing debian:GlobalSign_Root_CA
-R6.pem
Replacing debian:Go_Daddy_Class_2_CA.pem
Replacing debian:Go_Daddy_Root_Certificate_Authority
-G2.pem
Replacing debian:Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.pem
Replacing debian:Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem
Replacing debian:Hellenic_Academic_and_Research_Institutions_RootCA_2015.pem
Replacing debian:Hongkong_Post_Root_CA_1.pem
Replacing debian:IdenTrust_Commercial_Root_CA_1.pem
Replacing debian:IdenTrust_Public_Sector_Root_CA_1.pem
Replacing debian:ISRG_Root_X1.pem
Replacing debian:Izenpe.com.pem
Replacing debian:LuxTrust_Global_Root_2.pem
Replacing debian:Microsec_e-Szigno_Root_CA_2009.pem
Replacing debian:NetLock_Arany
=Class_Gold=Főtanúsítvány.pem
Replacing debian:Network_Solutions_Certificate_Authority.pem
Replacing debian:OISTE_WISeKey_Global_Root_GA_CA.pem
Replacing debian:OISTE_WISeKey_Global_Root_GB_CA.pem
Replacing debian:OISTE_WISeKey_Global_Root_GC_CA.pem
Replacing debian:QuoVadis_Root_CA_1_G3.pem
Replacing debian:QuoVadis_Root_CA_2.pem
Replacing debian:QuoVadis_Root_CA_2_G3.pem
Replacing debian:QuoVadis_Root_CA_3.pem
Replacing debian:QuoVadis_Root_CA_3_G3.pem
Replacing debian:QuoVadis_Root_CA.pem
Replacing debian:Secure_Global_CA.pem
Replacing debian:SecureSign_RootCA11.pem
Replacing debian:SecureTrust_CA.pem
Replacing debian:Security_Communication_RootCA2.pem
Replacing debian:Security_Communication_Root_CA.pem
Replacing debian:Sonera_Class_2_Root_CA.pem
Replacing debian:SSL.com_EV_Root_Certification_Authority_ECC.pem
Replacing debian:SSL.com_EV_Root_Certification_Authority_RSA_R2.pem
Replacing debian:SSL.com_Root_Certification_Authority_ECC.pem
Replacing debian:SSL.com_Root_Certification_Authority_RSA.pem
Replacing debian:Staat_der_Nederlanden_EV_Root_CA.pem
Replacing debian:Staat_der_Nederlanden_Root_CA
-G2.pem
Replacing debian:Staat_der_Nederlanden_Root_CA
-G3.pem
Replacing debian:Starfield_Class_2_CA.pem
Replacing debian:Starfield_Root_Certificate_Authority
-G2.pem
Replacing debian:Starfield_Services_Root_Certificate_Authority
-G2.pem
Replacing debian:SwissSign_Gold_CA
-G2.pem
Replacing debian:SwissSign_Silver_CA
-G2.pem
Replacing debian:SZAFIR_ROOT_CA2.pem
Replacing debian:Taiwan_GRCA.pem
Replacing debian:TeliaSonera_Root_CA_v1.pem
Replacing debian:thawte_Primary_Root_CA.pem
Replacing debian:thawte_Primary_Root_CA
-G2.pem
Replacing debian:thawte_Primary_Root_CA
-G3.pem
Replacing debian:TrustCor_ECA-1.pem
Replacing debian:TrustCor_RootCert_CA-1.pem
Replacing debian:TrustCor_RootCert_CA-2.pem
Replacing debian:Trustis_FPS_Root_CA.pem
Replacing debian:T-TeleSec_GlobalRoot_Class_2.pem
Replacing debian:T-TeleSec_GlobalRoot_Class_3.pem
Replacing debian:TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi
-Surum_1.pem
Replacing debian:TWCA_Global_Root_CA.pem
Replacing debian:TWCA_Root_Certification_Authority.pem
Replacing debian:USERTrust_ECC_Certification_Authority.pem
Replacing debian:USERTrust_RSA_Certification_Authority.pem
Replacing debian:Verisign_Class_3_Public_Primary_Certification_Authority
-G3.pem
Replacing debian:VeriSign_Class_3_Public_Primary_Certification_Authority
-G4.pem
Replacing debian:VeriSign_Class_3_Public_Primary_Certification_Authority
-_G5.pem
Replacing debian:VeriSign_Universal_Root_Certification_Authority.pem
Replacing debian:XRamp_Global_CA_Root.pem
Replacing debian:auth.jitsix.ddns.net.pem
done.
done.

nothing about “Sun”

found that https://stackoverflow.com/questions/30350120/sslhandshakeexception-while-connecting-to-a-https-site and my server runs java 8 …

@damencho can help? TypeError: Cannot read property 'b' of undefined

saw that topic JVB 2 considered stable so update all packages and update-ca-certificates -f -v and restart all. switch to openjdk 11 & restart. No more errors for javax.net.ssl.SSLHandshakeException:

but in jicofo.log ->
Jicofo 2020-03-31 15:35:45.876 SEVERE: [119] org.jitsi.impl.protocol.xmpp.XmppProtocolProvider.doConnect().315 Failed to connect/login: SASLError using SCRAM-SHA-1: not-authorized
org.jivesoftware.smack.sasl.SASLErrorException: SASLError using SCRAM-SHA-1: not-authorized
at org.jivesoftware.smack.SASLAuthentication.authenticationFailed(SASLAuthentication.java:292)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:1100)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPConnection.java:1000)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:1016)
at java.base/java.lang.Thread.run(Thread.java:834)

and in jvb.log ->
020-03-31 15:28:53.061 INFO: [23] [hostname=localhost id=shard] MucClient.lambda$getConnectAndLoginCallable$7#648: Logging in.
2020-03-31 15:28:53.061 SEVERE: [23] RetryStrategy$TaskRunner.run#198: org.jivesoftware.smack.sasl.SASLErrorException: SASLError using SCRAM-SHA-1: not-authorized
org.jivesoftware.smack.sasl.SASLErrorException: SASLError using SCRAM-SHA-1: not-authorized
at org.jivesoftware.smack.SASLAuthentication.authenticationFailed(SASLAuthentication.java:292)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:1100)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPConnection.java:1000)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:1016)
at java.base/java.lang.Thread.run(Thread.java:834)
2020-03-31 15:28:54.983 INFO: [18] Videobridge.createConference#326: create_conf, id=6f524ffe12efe0d5 gid=null logging=false
2020-03-31 15:28:54.990 INFO: [18] Health.doRun#294: Performed a successful health check in 7ms. Sticky failure: false
2020-03-31 15:28:58.063 INFO: [23] [hostname=localhost id=shard] MucClient.lambda$getConnectAndLoginCallable$7#648: Logging in.
2020-03-31 15:28:58.064 SEVERE: [23] RetryStrategy$TaskRunner.run#198: org.jivesoftware.smack.sasl.SASLErrorException: SASLError using SCRAM-SHA-1: not-authorized

???

always no more than 2 users …

I cannot explain why it worked for me and not for you but,
(to be sure) i didnt mention that in my update of java 11 , i updated the java environnement (as on https://linuxize.com/post/install-java-on-debian-10/)
if it can help …

This is jicofo using wrong password to join prosody.

Hey I have a smillar porblem. How can I change the password for jicofo and where can i find it?

This is JICOFO_AUTH_USER in /etc/jitsi/jicofo/config. The actual password is saved in a file under /var/lib/prosody folder named after your auth… domain.

What were the steps you followed to have this error? Did you edit a config file? You had which version and upgraded? How did you upgraded? What is the OS you use?

i got the “SASLError using SCRAM-SHA-1” too

here is how i solved it (for my case) :

Hi everybody,

I have the same problem.
I installed jitsi on a virtual server (vmware) but as soon as you connect to 3: loss of image and sound.
firewall is disabled.
no error in logs…

thank you in advance

I tested locally it works nickel, it’s just outside that bug
NAT behind a box.
I opened port 443 only are there other ports to open?