Udp 10000 no body use

Did you systemctl restart prosody ?
if yes, maybe try to edit the .cnf file to keep only the DNS entries in the alternate section and redo the prosody certificate procedure again.

[subject_alternative_name]
DNS.0 = internal.auth.yoururl.yourtld
DNS.1 = auth.yoururl.yourtld

remember that jicofo and jvb don’t try to reconnect immediately, if in doubt restart them too.

try no success ((((

unfortunately I don’t think it’s fully possible to test the server using classic tools, the best I have found in this case is to create an additional entry in /etc/hosts with 127.0.0.1 auth.yoururl.yourtld, then

openssl s_client -starttls xmpp -connect auth.yoururl.yourtld:5222 -showcerts | openssl x509 -text

if s_client displays the new certifticate you just created, then Prosody has taken it in account - and I can’t imagine why it would not work. If you get an error then you have done a mistake somewhere.

openssl s_client -starttls xmpp -connect auth.jitsi.advocatorb.ru:5222 -showcerts | openssl x509 -text
139839711311040:error:0200206F:system library:connect:Connection refused:…/crypto/bio/b_sock2.c:110:
139839711311040:error:2008A067:BIO routines:BIO_connect:connect error:…/crypto/bio/b_sock2.c:111:
connect:errno=111
unable to load certificate
139844714501312:error:0909006C:PEM routines:get_name:no start line:…/crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATE

not exactly a logical result since the logs you posted showed clearly that some processes do connect to port 5222… do you run this on the server itself ?

yes I do

openssl s_client -starttls xmpp -connect auth.jitsi.advocatorb.ru:5222 -showcerts | openssl x509 -text

depth=0 C = RU, L = The Internet, O = Your Organisation, OU = XMPP Department, CN = auth.jitsi.advocatorb.ru, emailAddress = xmpp@auth.jitsi.advocatorb.ru
verify return:1
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
e:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = RU, L = The Internet, O = Your Organisation, OU = XMPP Department, CN = auth.jitsi.advocatorb.ru, emailAddress = xmpp@auth.jitsi.advocatorb.ru
Validity
Not Before: Dec 5 03:03:01 2020 GMT
Not After : Dec 5 03:03:01 2021 GMT
Subject: C = RU, L = The Internet, O = Your Organisation, OU = XMPP Department, CN = auth.jitsi.advocatorb.ru, emailAddress = xmpp@auth.jitsi.advocatorb.ru
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:

                63:6f
            Exponent: 65537 (0x10001)
    X509v3 extensions:
        X509v3 Subject Alternative Name:
            DNS:auth.jitsi.advocatorb.ru, DNS:internal.auth.jitsi.advocatorb.ru, othername:<unsupported>, othername:<unsupported>, othername:<unsupported>, othername:<unsupported>, othername:<unsupported>
        X509v3 Basic Constraints:
            CA:TRUE
Signature Algorithm: sha256WithRSAEncryption

-----BEGIN CERTIFICATE-----I add line to hosts and now get this answer

baffling… can you install tshark, systemctl stop jicofo and jitsi-videobridge2, then run

sudo tshark -s 0 -i lo port 5222

and (from another terminal of course)
sudo systemctl start jicofo

and post the 20 first lines of tshark output ?

Capturing on ‘Loopback’
1 0.000000000 127.0.0.1 → 127.0.0.1 TCP 74 58808 → 5222 [SYN] Seq=0 Win=65495 Len=0 MSS=65495 SACK_PERM=1 TSval=3076399056 TSecr=0 WS=256
2 0.000015917 127.0.0.1 → 127.0.0.1 TCP 74 5222 → 58808 [SYN, ACK] Seq=0 Ack=1 Win=65483 Len=0 MSS=65495 SACK_PERM=1 TSval=3076399056 TSecr=3076399056 WS=256
3 0.000029145 127.0.0.1 → 127.0.0.1 TCP 66 58808 → 5222 [ACK] Seq=1 Ack=1 Win=65536 Len=0 TSval=3076399056 TSecr=3076399056
4 0.015995461 127.0.0.1 → 127.0.0.1 XMPP/XML 209 STREAM > auth.jitsi.advocatorb.ru
5 0.016010746 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 58808 [ACK] Seq=1 Ack=144 Win=65536 Len=0 TSval=3076399072 TSecr=3076399072
6 0.016442410 127.0.0.1 → 127.0.0.1 XMPP/XML 381 STREAM < auth.jitsi.advocatorb.ru
7 0.016452272 127.0.0.1 → 127.0.0.1 TCP 66 58808 → 5222 [ACK] Seq=144 Ack=316 Win=65280 Len=0 TSval=3076399072 TSecr=3076399072
8 0.017583312 127.0.0.1 → 127.0.0.1 XMPP/XML 127 STARTTLS
9 0.017875882 127.0.0.1 → 127.0.0.1 XMPP/XML 116 PROCEED
10 0.062749175 127.0.0.1 → 127.0.0.1 TCP 66 58808 → 5222 [ACK] Seq=205 Ack=366 Win=65536 Len=0 TSval=3076399118 TSecr=3076399074
11 0.177806760 127.0.0.1 → 127.0.0.1 TLSv1.2 366 Client Hello
12 0.180977847 127.0.0.1 → 127.0.0.1 TLSv1.2 1946 Server Hello, Certificate, Server Key Exchange, Certificate Request, Server Hello Done
13 0.180995817 127.0.0.1 → 127.0.0.1 TCP 66 58808 → 5222 [ACK] Seq=505 Ack=2246 Win=64256 Len=0 TSval=3076399237 TSecr=3076399237
14 0.205706653 127.0.0.1 → 127.0.0.1 TLSv1.2 78 Certificate
15 0.246747539 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 58808 [ACK] Seq=2246 Ack=517 Win=65536 Len=0 TSval=3076399302 TSecr=3076399261
16 0.246764985 127.0.0.1 → 127.0.0.1 TLSv1.2 173 Client Key Exchange
17 0.246772888 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 58808 [ACK] Seq=2246 Ack=624 Win=65536 Len=0 TSval=3076399302 TSecr=3076399302
18 0.252130708 127.0.0.1 → 127.0.0.1 TLSv1.2 72 Change Cipher Spec
19 0.252139591 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 58808 [ACK] Seq=2246 Ack=630 Win=65536 Len=0 TSval=3076399308 TSecr=3076399308
20 0.278547683 127.0.0.1 → 127.0.0.1 TLSv1.2 111 Encrypted Handshake Message
21 0.278558340 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 58808 [ACK] Seq=2246 Ack=675 Win=65536 Len=0 TSval=3076399334 TSecr=3076399334
22 0.278709779 127.0.0.1 → 127.0.0.1 TLSv1.2 117 Change Cipher Spec, Encrypted Handshake Message
23 0.280859990 127.0.0.1 → 127.0.0.1 TLSv1.2 238 Application Data
24 0.281449787 127.0.0.1 → 127.0.0.1 TLSv1.2 505 Application Data
25 0.284887868 127.0.0.1 → 127.0.0.1 TLSv1.2 233 Application Data
26 0.287991973 127.0.0.1 → 127.0.0.1 TLSv1.2 331 Application Data
27 0.328904284 127.0.0.1 → 127.0.0.1 TLSv1.2 301 Application Data
28 0.329556931 127.0.0.1 → 127.0.0.1 TLSv1.2 195 Application Data
29 0.330925152 127.0.0.1 → 127.0.0.1 TLSv1.2 280 Application Data
30 0.331516677 127.0.0.1 → 127.0.0.1 TLSv1.2 636 Application Data
31 0.336762784 127.0.0.1 → 127.0.0.1 TLSv1.2 222 Application Data
32 0.337405546 127.0.0.1 → 127.0.0.1 TLSv1.2 246 Application Data
33 0.344521228 127.0.0.1 → 127.0.0.1 TLSv1.2 348 Application Data
34 0.345221869 127.0.0.1 → 127.0.0.1 TLSv1.2 1178 Application Data
35 0.347895560 127.0.0.1 → 127.0.0.1 TLSv1.2 221 Application Data
36 0.348278824 127.0.0.1 → 127.0.0.1 TLSv1.2 329 Application Data
37 0.349511957 127.0.0.1 → 127.0.0.1 TLSv1.2 229 Application Data
38 0.350018304 127.0.0.1 → 127.0.0.1 TLSv1.2 687 Application Data
39 0.351314704 127.0.0.1 → 127.0.0.1 TLSv1.2 221 Application Data
40 0.351694230 127.0.0.1 → 127.0.0.1 TLSv1.2 329 Application Data
41 0.352403400 127.0.0.1 → 127.0.0.1 TLSv1.2 229 Application Data
42 0.352780211 127.0.0.1 → 127.0.0.1 TLSv1.2 687 Application Data
43 0.367267062 127.0.0.1 → 127.0.0.1 TLSv1.2 229 Application Data
44 0.367742469 127.0.0.1 → 127.0.0.1 TLSv1.2 687 Application Data
45 0.370438191 127.0.0.1 → 127.0.0.1 TLSv1.2 355 Application Data
46 0.371646091 127.0.0.1 → 127.0.0.1 TLSv1.2 765 Application Data
47 0.376378167 127.0.0.1 → 127.0.0.1 TLSv1.2 239 Application Data
48 0.377978352 127.0.0.1 → 127.0.0.1 TLSv1.2 3263 Application Data
49 0.384118344 127.0.0.1 → 127.0.0.1 TLSv1.2 465 Application Data
50 0.385088823 127.0.0.1 → 127.0.0.1 TLSv1.2 236 Application Data
51 0.387399298 127.0.0.1 → 127.0.0.1 TLSv1.2 216 Application Data
52 0.387880391 127.0.0.1 → 127.0.0.1 TLSv1.2 574 Application Data
53 0.390304629 127.0.0.1 → 127.0.0.1 TLSv1.2 200 Application Data
54 0.390708533 127.0.0.1 → 127.0.0.1 TLSv1.2 320 Application Data
55 0.392065470 127.0.0.1 → 127.0.0.1 TLSv1.2 221 Application Data
56 0.392534707 127.0.0.1 → 127.0.0.1 TLSv1.2 391 Application Data
57 0.396795888 127.0.0.1 → 127.0.0.1 TLSv1.2 234 Application Data
58 0.397238053 127.0.0.1 → 127.0.0.1 TLSv1.2 308 Application Data
59 0.398274625 127.0.0.1 → 127.0.0.1 TLSv1.2 228 Application Data
60 0.398695139 127.0.0.1 → 127.0.0.1 TLSv1.2 322 Application Data
61 0.399756350 127.0.0.1 → 127.0.0.1 TLSv1.2 226 Application Data
62 0.400147957 127.0.0.1 → 127.0.0.1 TLSv1.2 654 Application Data
63 0.401233874 127.0.0.1 → 127.0.0.1 TLSv1.2 221 Application Data
64 0.401601012 127.0.0.1 → 127.0.0.1 TLSv1.2 649 Application Data
65 0.402658156 127.0.0.1 → 127.0.0.1 TLSv1.2 221 Application Data
66 0.403089510 127.0.0.1 → 127.0.0.1 TLSv1.2 1110 Application Data
67 0.403975296 127.0.0.1 → 127.0.0.1 TLSv1.2 201 Application Data
68 0.404316160 127.0.0.1 → 127.0.0.1 TLSv1.2 321 Application Data
69 0.406598462 127.0.0.1 → 127.0.0.1 TLSv1.2 253 Application Data
70 0.407364538 127.0.0.1 → 127.0.0.1 TLSv1.2 343 Application Data
71 0.450750497 127.0.0.1 → 127.0.0.1 TCP 66 58808 → 5222 [ACK] Seq=5122 Ack=15779 Win=65536 Len=0 TSval=3076399506 TSecr=3076399463

duh, not only the certificate is correct but the connection succeeds. From where is coming this error message about bad certificate in the prosody log then ? do you have similar result when stopping jicofo and starting videobridge ? and if yes do you have still error messages about certificate in the prosody log ?

jvb start
Capturing on ‘Loopback’
1 0.000000000 127.0.0.1 → 127.0.0.1 TCP 74 59698 → 5222 [SYN] Seq=0 Win=65495 Len=0 MSS=65495 SACK_PERM=1 TSval=3076983230 TSecr=0 WS=256
2 0.000022096 127.0.0.1 → 127.0.0.1 TCP 74 5222 → 59698 [SYN, ACK] Seq=0 Ack=1 Win=65483 Len=0 MSS=65495 SACK_PERM=1 TSval=3076983230 TSecr=3076983230 WS=256
3 0.000040530 127.0.0.1 → 127.0.0.1 TCP 66 59698 → 5222 [ACK] Seq=1 Ack=1 Win=65536 Len=0 TSval=3076983230 TSecr=3076983230
4 0.012867226 127.0.0.1 → 127.0.0.1 XMPP/XML 245 STREAM > auth.jitsi.advocatorb.ru
5 0.012889515 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 59698 [ACK] Seq=1 Ack=180 Win=65536 Len=0 TSval=3076983243 TSecr=3076983243
6 0.013362543 127.0.0.1 → 127.0.0.1 XMPP/XML 381 STREAM < auth.jitsi.advocatorb.ru
7 0.013372321 127.0.0.1 → 127.0.0.1 TCP 66 59698 → 5222 [ACK] Seq=180 Ack=316 Win=65280 Len=0 TSval=3076983244 TSecr=3076983244
8 0.014243422 127.0.0.1 → 127.0.0.1 XMPP/XML 127 STARTTLS
9 0.014487805 127.0.0.1 → 127.0.0.1 XMPP/XML 116 PROCEED
10 0.054523268 127.0.0.1 → 127.0.0.1 TCP 66 59698 → 5222 [ACK] Seq=241 Ack=366 Win=65536 Len=0 TSval=3076983285 TSecr=3076983245
11 0.147466418 127.0.0.1 → 127.0.0.1 TLSv1.2 366 Client Hello
12 0.150605479 127.0.0.1 → 127.0.0.1 TLSv1.2 1946 Server Hello, Certificate, Server Key Exchange, Certificate Request, Server Hello Done
13 0.150621680 127.0.0.1 → 127.0.0.1 TCP 66 59698 → 5222 [ACK] Seq=541 Ack=2246 Win=64256 Len=0 TSval=3076983381 TSecr=3076983381
14 0.176989938 127.0.0.1 → 127.0.0.1 TLSv1.2 78 Certificate
15 0.218526025 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 59698 [ACK] Seq=2246 Ack=553 Win=65536 Len=0 TSval=3076983449 TSecr=3076983407
16 0.218956872 127.0.0.1 → 127.0.0.1 TLSv1.2 173 Client Key Exchange
17 0.218967792 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 59698 [ACK] Seq=2246 Ack=660 Win=65536 Len=0 TSval=3076983449 TSecr=3076983449
18 0.249325932 127.0.0.1 → 127.0.0.1 TLSv1.2 72 Change Cipher Spec
19 0.249338397 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 59698 [ACK] Seq=2246 Ack=666 Win=65536 Len=0 TSval=3076983480 TSecr=3076983480
20 0.274776110 127.0.0.1 → 127.0.0.1 TLSv1.2 111 Encrypted Handshake Message
21 0.274785678 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 59698 [ACK] Seq=2246 Ack=711 Win=65536 Len=0 TSval=3076983505 TSecr=3076983505
22 0.274972720 127.0.0.1 → 127.0.0.1 TLSv1.2 117 Change Cipher Spec, Encrypted Handshake Message
23 0.277555089 127.0.0.1 → 127.0.0.1 TLSv1.2 274 Application Data
24 0.278178381 127.0.0.1 → 127.0.0.1 TLSv1.2 505 Application Data
25 0.281705958 127.0.0.1 → 127.0.0.1 TLSv1.2 233 Application Data
26 0.285157524 127.0.0.1 → 127.0.0.1 TLSv1.2 331 Application Data
27 0.326525848 127.0.0.1 → 127.0.0.1 TCP 66 59698 → 5222 [ACK] Seq=1086 Ack=3001 Win=65536 Len=0 TSval=3076983557 TSecr=3076983515
28 0.336321181 127.0.0.1 → 127.0.0.1 TLSv1.2 301 Application Data
29 0.336788170 127.0.0.1 → 127.0.0.1 TLSv1.2 195 Application Data
30 0.336805157 127.0.0.1 → 127.0.0.1 TCP 66 59698 → 5222 [ACK] Seq=1321 Ack=3130 Win=65536 Len=0 TSval=3076983567 TSecr=3076983567
31 0.338437542 127.0.0.1 → 127.0.0.1 TLSv1.2 316 Application Data
32 0.338887096 127.0.0.1 → 127.0.0.1 TLSv1.2 636 Application Data
33 0.344680957 127.0.0.1 → 127.0.0.1 TLSv1.2 183 Application Data
34 0.345234791 127.0.0.1 → 127.0.0.1 TLSv1.2 234 Application Data
35 0.350929261 127.0.0.1 → 127.0.0.1 TLSv1.2 169 Application Data

this all with turn off certificates validation, may be I should remove line in sip.*?

jicofo
Capturing on ‘Loopback’
1 0.000000000 127.0.0.1 → 127.0.0.1 TCP 74 60342 → 5222 [SYN] Seq=0 Win=65495 Len=0 MSS=65495 SACK_PERM=1 TSval=3077287566 TSecr=0 WS=256
2 0.000021396 127.0.0.1 → 127.0.0.1 TCP 74 5222 → 60342 [SYN, ACK] Seq=0 Ack=1 Win=65483 Len=0 MSS=65495 SACK_PERM=1 TSval=3077287566 TSecr=3077287566 WS=256
3 0.000037285 127.0.0.1 → 127.0.0.1 TCP 66 60342 → 5222 [ACK] Seq=1 Ack=1 Win=65536 Len=0 TSval=3077287566 TSecr=3077287566
4 0.013345276 127.0.0.1 → 127.0.0.1 XMPP/XML 209 STREAM > auth.jitsi.advocatorb.ru
5 0.013365467 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 60342 [ACK] Seq=1 Ack=144 Win=65536 Len=0 TSval=3077287580 TSecr=3077287580
6 0.013812696 127.0.0.1 → 127.0.0.1 XMPP/XML 381 STREAM < auth.jitsi.advocatorb.ru
7 0.013821393 127.0.0.1 → 127.0.0.1 TCP 66 60342 → 5222 [ACK] Seq=144 Ack=316 Win=65280 Len=0 TSval=3077287580 TSecr=3077287580
8 0.014955075 127.0.0.1 → 127.0.0.1 XMPP/XML 127 STARTTLS
9 0.015238898 127.0.0.1 → 127.0.0.1 XMPP/XML 116 PROCEED
10 0.057430756 127.0.0.1 → 127.0.0.1 TCP 66 60342 → 5222 [ACK] Seq=205 Ack=366 Win=65536 Len=0 TSval=3077287624 TSecr=3077287581
11 0.225985475 127.0.0.1 → 127.0.0.1 TLSv1.2 366 Client Hello
12 0.229112680 127.0.0.1 → 127.0.0.1 TLSv1.2 1946 Server Hello, Certificate, Server Key Exchange, Certificate Request, Server Hello Done
13 0.229130154 127.0.0.1 → 127.0.0.1 TCP 66 60342 → 5222 [ACK] Seq=505 Ack=2246 Win=64256 Len=0 TSval=3077287795 TSecr=3077287795
14 0.257486824 127.0.0.1 → 127.0.0.1 TLSv1.2 73 Alert (Level: Fatal, Description: Certificate Unknown)
15 0.257583895 127.0.0.1 → 127.0.0.1 TCP 66 60342 → 5222 [RST, ACK] Seq=512 Ack=2246 Win=65536 Len=0 TSval=3077287824 TSecr=3077287795
16 5.259846853 127.0.0.1 → 127.0.0.1 TCP 74 60350 → 5222 [SYN] Seq=0 Win=65495 Len=0 MSS=65495 SACK_PERM=1 TSval=3077292826 TSecr=0 WS=256
17 5.259875234 127.0.0.1 → 127.0.0.1 TCP 74 5222 → 60350 [SYN, ACK] Seq=0 Ack=1 Win=65483 Len=0 MSS=65495 SACK_PERM=1 TSval=3077292826 TSecr=3077292826 WS=256
18 5.259900257 127.0.0.1 → 127.0.0.1 TCP 66 60350 → 5222 [ACK] Seq=1 Ack=1 Win=65536 Len=0 TSval=3077292826 TSecr=3077292826
19 5.262412498 127.0.0.1 → 127.0.0.1 XMPP/XML 209 STREAM > auth.jitsi.advocatorb.ru
20 5.262440928 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 60350 [ACK] Seq=1 Ack=144 Win=65536 Len=0 TSval=3077292829 TSecr=3077292829
21 5.263285409 127.0.0.1 → 127.0.0.1 XMPP/XML 381 STREAM < auth.jitsi.advocatorb.ru
22 5.263303606 127.0.0.1 → 127.0.0.1 TCP 66 60350 → 5222 [ACK] Seq=144 Ack=316 Win=65280 Len=0 TSval=3077292829 TSecr=3077292829
23 5.264412107 127.0.0.1 → 127.0.0.1 XMPP/XML 127 STARTTLS
24 5.264965376 127.0.0.1 → 127.0.0.1 XMPP/XML 116 PROCEED
25 5.272842653 127.0.0.1 → 127.0.0.1 TLSv1.2 366 Client Hello
26 5.278894701 127.0.0.1 → 127.0.0.1 TLSv1.2 1946 Server Hello, Certificate, Server Key Exchange, Certificate Request, Server Hello Done
27 5.280244812 127.0.0.1 → 127.0.0.1 TLSv1.2 73 Alert (Level: Fatal, Description: Certificate Unknown)
28 5.280277929 127.0.0.1 → 127.0.0.1 TCP 66 60350 → 5222 [RST, ACK] Seq=512 Ack=2246 Win=65536 Len=0 TSval=3077292846 TSecr=3077292845
29 7.262440357 127.0.0.1 → 127.0.0.1 TCP 74 60352 → 5222 [SYN] Seq=0 Win=65495 Len=0 MSS=65495 SACK_PERM=1 TSval=3077294829 TSecr=0 WS=256
30 7.262468987 127.0.0.1 → 127.0.0.1 TCP 74 5222 → 60352 [SYN, ACK] Seq=0 Ack=1 Win=65483 Len=0 MSS=65495 SACK_PERM=1 TSval=3077294829 TSecr=3077294829 WS=256
31 7.262493201 127.0.0.1 → 127.0.0.1 TCP 66 60352 → 5222 [ACK] Seq=1 Ack=1 Win=65536 Len=0 TSval=3077294829 TSecr=3077294829
32 7.265220714 127.0.0.1 → 127.0.0.1 XMPP/XML 209 STREAM > auth.jitsi.advocatorb.ru
33 7.265251859 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 60352 [ACK] Seq=1 Ack=144 Win=65536 Len=0 TSval=3077294831 TSecr=3077294831
34 7.266113956 127.0.0.1 → 127.0.0.1 XMPP/XML 381 STREAM < auth.jitsi.advocatorb.ru
35 7.266134613 127.0.0.1 → 127.0.0.1 TCP 66 60352 → 5222 [ACK] Seq=144 Ack=316 Win=65280 Len=0 TSval=3077294832 TSecr=3077294832
36 7.267336103 127.0.0.1 → 127.0.0.1 XMPP/XML 127 STARTTLS
37 7.267923002 127.0.0.1 → 127.0.0.1 XMPP/XML 116 PROCEED
38 7.274800721 127.0.0.1 → 127.0.0.1 TLSv1.2 366 Client Hello
39 7.281233593 127.0.0.1 → 127.0.0.1 TLSv1.2 1946 Server Hello, Certificate, Server Key Exchange, Certificate Request, Server Hello Done
40 7.283020453 127.0.0.1 → 127.0.0.1 TLSv1.2 73 Alert (Level: Fatal, Description: Certificate Unknown)
41 7.283060961 127.0.0.1 → 127.0.0.1 TCP 66 60352 → 5222 [RST, ACK] Seq=512 Ack=2246 Win=65536 Len=0 TSval=3077294849 TSecr=3077294847
42 10.282022847 127.0.0.1 → 127.0.0.1 TCP 74 60354 → 5222 [SYN] Seq=0 Win=65495 Len=0 MSS=65495 SACK_PERM=1 TSval=3077297848 TSecr=0 WS=256
43 10.282050557 127.0.0.1 → 127.0.0.1 TCP 74 5222 → 60354 [SYN, ACK] Seq=0 Ack=1 Win=65483 Len=0 MSS=65495 SACK_PERM=1 TSval=3077297848 TSecr=3077297848 WS=256
44 10.282075934 127.0.0.1 → 127.0.0.1 TCP 66 60354 → 5222 [ACK] Seq=1 Ack=1 Win=65536 Len=0 TSval=3077297848 TSecr=3077297848
45 10.284862438 127.0.0.1 → 127.0.0.1 XMPP/XML 209 STREAM > auth.jitsi.advocatorb.ru
46 10.284891143 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 60354 [ACK] Seq=1 Ack=144 Win=65536 Len=0 TSval=3077297851 TSecr=3077297851
47 10.285711652 127.0.0.1 → 127.0.0.1 XMPP/XML 381 STREAM < auth.jitsi.advocatorb.ru
48 10.285732596 127.0.0.1 → 127.0.0.1 TCP 66 60354 → 5222 [ACK] Seq=144 Ack=316 Win=65280 Len=0 TSval=3077297852 TSecr=3077297852
49 10.286850187 127.0.0.1 → 127.0.0.1 XMPP/XML 127 STARTTLS
50 10.287442914 127.0.0.1 → 127.0.0.1 XMPP/XML 116 PROCEED
51 10.293261201 127.0.0.1 → 127.0.0.1 TLSv1.2 366 Client Hello
52 10.301379756 127.0.0.1 → 127.0.0.1 TLSv1.2 1946 Server Hello, Certificate, Server Key Exchange, Certificate Request, Server Hello Done
53 10.302743431 127.0.0.1 → 127.0.0.1 TLSv1.2 73 Alert (Level: Fatal, Description: Certificate Unknown)
54 10.302776759 127.0.0.1 → 127.0.0.1 TCP 66 60354 → 5222 [RST, ACK] Seq=512 Ack=2246 Win=65536 Len=0 TSval=3077297869 TSecr=3077297867
55 14.285282205 127.0.0.1 → 127.0.0.1 TCP 74 60362 → 5222 [SYN] Seq=0 Win=65495 Len=0 MSS=65495 SACK_PERM=1 TSval=3077301851 TSecr=0 WS=256
56 14.285308439 127.0.0.1 → 127.0.0.1 TCP 74 5222 → 60362 [SYN, ACK] Seq=0 Ack=1 Win=65483 Len=0 MSS=65495 SACK_PERM=1 TSval=3077301851 TSecr=3077301851 WS=256
57 14.285332312 127.0.0.1 → 127.0.0.1 TCP 66 60362 → 5222 [ACK] Seq=1 Ack=1 Win=65536 Len=0 TSval=3077301851 TSecr=3077301851
58 14.288875950 127.0.0.1 → 127.0.0.1 XMPP/XML 209 STREAM > auth.jitsi.advocatorb.ru
59 14.288902754 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 60362 [ACK] Seq=1 Ack=144 Win=65536 Len=0 TSval=3077301855 TSecr=3077301855
60 14.289750004 127.0.0.1 → 127.0.0.1 XMPP/XML 381 STREAM < auth.jitsi.advocatorb.ru
61 14.289771238 127.0.0.1 → 127.0.0.1 TCP 66 60362 → 5222 [ACK] Seq=144 Ack=316 Win=65280 Len=0 TSval=3077301856 TSecr=3077301856
62 14.290828425 127.0.0.1 → 127.0.0.1 XMPP/XML 127 STARTTLS
63 14.291584573 127.0.0.1 → 127.0.0.1 XMPP/XML 116 PROCEED
64 14.299289655 127.0.0.1 → 127.0.0.1 TLSv1.2 366 Client Hello
65 14.304823965 127.0.0.1 → 127.0.0.1 TLSv1.2 1946 Server Hello, Certificate, Server Key Exchange, Certificate Request, Server Hello Done
66 14.306553360 127.0.0.1 → 127.0.0.1 TLSv1.2 73 Alert (Level: Fatal, Description: Certificate Unknown)
67 14.306588785 127.0.0.1 → 127.0.0.1 TCP 66 60362 → 5222 [RST, ACK] Seq=512 Ack=2246 Win=65536 Len=0 TSval=3077301873 TSecr=3077301871
68 15.304828363 127.0.0.1 → 127.0.0.1 TCP 74 60366 → 5222 [SYN] Seq=0 Win=65495 Len=0 MSS=65495 SACK_PERM=1 TSval=3077302871 TSecr=0 WS=256
69 15.304855987 127.0.0.1 → 127.0.0.1 TCP 74 5222 → 60366 [SYN, ACK] Seq=0 Ack=1 Win=65483 Len=0 MSS=65495 SACK_PERM=1 TSval=3077302871 TSecr=3077302871 WS=256
70 15.304881807 127.0.0.1 → 127.0.0.1 TCP 66 60366 → 5222 [ACK] Seq=1 Ack=1 Win=65536 Len=0 TSval=3077302871 TSecr=3077302871
71 15.307701666 127.0.0.1 → 127.0.0.1 XMPP/XML 209 STREAM > auth.jitsi.advocatorb.ru
72 15.307731586 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 60366 [ACK] Seq=1 Ack=144 Win=65536 Len=0 TSval=3077302874 TSecr=3077302874
73 15.308596074 127.0.0.1 → 127.0.0.1 XMPP/XML 381 STREAM < auth.jitsi.advocatorb.ru
74 15.308618451 127.0.0.1 → 127.0.0.1 TCP 66 60366 → 5222 [ACK] Seq=144 Ack=316 Win=65280 Len=0 TSval=3077302875 TSecr=3077302875
75 15.309649127 127.0.0.1 → 127.0.0.1 XMPP/XML 127 STARTTLS
76 15.310255557 127.0.0.1 → 127.0.0.1 XMPP/XML 116 PROCEED
77 15.315621878 127.0.0.1 → 127.0.0.1 TLSv1.2 366 Client Hello
78 15.321662310 127.0.0.1 → 127.0.0.1 TLSv1.2 1946 Server Hello, Certificate, Server Key Exchange, Certificate Request, Server Hello Done
79 15.322831358 127.0.0.1 → 127.0.0.1 TLSv1.2 73 Alert (Level: Fatal, Description: Certificate Unknown)
80 15.322862880 127.0.0.1 → 127.0.0.1 TCP 66 60366 → 5222 [RST, ACK] Seq=512 Ack=2246 Win=65536 Len=0 TSval=3077302889 TSecr=3077302888

jvb

Capturing on ‘Loopback’
1 0.000000000 127.0.0.1 → 127.0.0.1 TCP 74 60738 → 5222 [SYN] Seq=0 Win=65495 Len=0 MSS=65495 SACK_PERM=1 TSval=3077501699 TSecr=0 WS=256
2 0.000022850 127.0.0.1 → 127.0.0.1 TCP 74 5222 → 60738 [SYN, ACK] Seq=0 Ack=1 Win=65483 Len=0 MSS=65495 SACK_PERM=1 TSval=3077501699 TSecr=3077501699 WS=256
3 0.000037992 127.0.0.1 → 127.0.0.1 TCP 66 60738 → 5222 [ACK] Seq=1 Ack=1 Win=65536 Len=0 TSval=3077501699 TSecr=3077501699
4 0.010665906 127.0.0.1 → 127.0.0.1 XMPP/XML 245 STREAM > auth.jitsi.advocatorb.ru
5 0.010686778 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 60738 [ACK] Seq=1 Ack=180 Win=65536 Len=0 TSval=3077501710 TSecr=3077501710
6 0.011135462 127.0.0.1 → 127.0.0.1 XMPP/XML 381 STREAM < auth.jitsi.advocatorb.ru
7 0.011145934 127.0.0.1 → 127.0.0.1 TCP 66 60738 → 5222 [ACK] Seq=180 Ack=316 Win=65280 Len=0 TSval=3077501710 TSecr=3077501710
8 0.012032535 127.0.0.1 → 127.0.0.1 XMPP/XML 127 STARTTLS
9 0.012297935 127.0.0.1 → 127.0.0.1 XMPP/XML 116 PROCEED
10 0.056814118 127.0.0.1 → 127.0.0.1 TCP 66 60738 → 5222 [ACK] Seq=241 Ack=366 Win=65536 Len=0 TSval=3077501756 TSecr=3077501712
11 0.219478341 127.0.0.1 → 127.0.0.1 TLSv1.2 366 Client Hello
12 0.222612970 127.0.0.1 → 127.0.0.1 TLSv1.2 1946 Server Hello, Certificate, Server Key Exchange, Certificate Request, Server Hello Done
13 0.222628373 127.0.0.1 → 127.0.0.1 TCP 66 60738 → 5222 [ACK] Seq=541 Ack=2246 Win=64256 Len=0 TSval=3077501922 TSecr=3077501922
14 0.256366962 127.0.0.1 → 127.0.0.1 TLSv1.2 73 Alert (Level: Fatal, Description: Certificate Unknown)
15 0.256469282 127.0.0.1 → 127.0.0.1 TCP 66 60738 → 5222 [RST, ACK] Seq=548 Ack=2246 Win=65536 Len=0 TSval=3077501956 TSecr=3077501922
16 4.261504685 127.0.0.1 → 127.0.0.1 TCP 74 60744 → 5222 [SYN] Seq=0 Win=65495 Len=0 MSS=65495 SACK_PERM=1 TSval=3077505961 TSecr=0 WS=256
17 4.261533315 127.0.0.1 → 127.0.0.1 TCP 74 5222 → 60744 [SYN, ACK] Seq=0 Ack=1 Win=65483 Len=0 MSS=65495 SACK_PERM=1 TSval=3077505961 TSecr=3077505961 WS=256
18 4.261558929 127.0.0.1 → 127.0.0.1 TCP 66 60744 → 5222 [ACK] Seq=1 Ack=1 Win=65536 Len=0 TSval=3077505961 TSecr=3077505961
19 4.264036826 127.0.0.1 → 127.0.0.1 XMPP/XML 245 STREAM > auth.jitsi.advocatorb.ru
20 4.264062583 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 60744 [ACK] Seq=1 Ack=180 Win=65536 Len=0 TSval=3077505963 TSecr=3077505963
21 4.264883766 127.0.0.1 → 127.0.0.1 XMPP/XML 381 STREAM < auth.jitsi.advocatorb.ru
22 4.264905277 127.0.0.1 → 127.0.0.1 TCP 66 60744 → 5222 [ACK] Seq=180 Ack=316 Win=65280 Len=0 TSval=3077505964 TSecr=3077505964
23 4.265802701 127.0.0.1 → 127.0.0.1 XMPP/XML 127 STARTTLS
24 4.266362303 127.0.0.1 → 127.0.0.1 XMPP/XML 116 PROCEED
25 4.274421859 127.0.0.1 → 127.0.0.1 TLSv1.2 366 Client Hello
26 4.279840747 127.0.0.1 → 127.0.0.1 TLSv1.2 1946 Server Hello, Certificate, Server Key Exchange, Certificate Request, Server Hello Done
27 4.281223119 127.0.0.1 → 127.0.0.1 TLSv1.2 73 Alert (Level: Fatal, Description: Certificate Unknown)
28 4.281253904 127.0.0.1 → 127.0.0.1 TCP 66 60744 → 5222 [RST, ACK] Seq=548 Ack=2246 Win=65536 Len=0 TSval=3077505981 TSecr=3077505979
29 5.258810700 127.0.0.1 → 127.0.0.1 TCP 74 60746 → 5222 [SYN] Seq=0 Win=65495 Len=0 MSS=65495 SACK_PERM=1 TSval=3077506958 TSecr=0 WS=256
30 5.258836234 127.0.0.1 → 127.0.0.1 TCP 74 5222 → 60746 [SYN, ACK] Seq=0 Ack=1 Win=65483 Len=0 MSS=65495 SACK_PERM=1 TSval=3077506958 TSecr=3077506958 WS=256
31 5.258861391 127.0.0.1 → 127.0.0.1 TCP 66 60746 → 5222 [ACK] Seq=1 Ack=1 Win=65536 Len=0 TSval=3077506958 TSecr=3077506958
32 5.260911978 127.0.0.1 → 127.0.0.1 XMPP/XML 245 STREAM > auth.jitsi.advocatorb.ru
33 5.260940271 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 60746 [ACK] Seq=1 Ack=180 Win=65536 Len=0 TSval=3077506960 TSecr=3077506960
34 5.261693986 127.0.0.1 → 127.0.0.1 XMPP/XML 381 STREAM < auth.jitsi.advocatorb.ru
35 5.261714134 127.0.0.1 → 127.0.0.1 TCP 66 60746 → 5222 [ACK] Seq=180 Ack=316 Win=65280 Len=0 TSval=3077506961 TSecr=3077506961
36 5.262602051 127.0.0.1 → 127.0.0.1 XMPP/XML 127 STARTTLS
37 5.263146750 127.0.0.1 → 127.0.0.1 XMPP/XML 116 PROCEED
38 5.270771106 127.0.0.1 → 127.0.0.1 TLSv1.2 366 Client Hello
39 5.274846309 127.0.0.1 → 127.0.0.1 TLSv1.2 1946 Server Hello, Certificate, Server Key Exchange, Certificate Request, Server Hello Done
40 5.276049942 127.0.0.1 → 127.0.0.1 TLSv1.2 73 Alert (Level: Fatal, Description: Certificate Unknown)
41 5.276079409 127.0.0.1 → 127.0.0.1 TCP 66 60746 → 5222 [RST, ACK] Seq=548 Ack=2246 Win=65536 Len=0 TSval=3077506975 TSecr=3077506974
42 8.283480224 127.0.0.1 → 127.0.0.1 TCP 74 60750 → 5222 [SYN] Seq=0 Win=65495 Len=0 MSS=65495 SACK_PERM=1 TSval=3077509983 TSecr=0 WS=256
43 8.283513037 127.0.0.1 → 127.0.0.1 TCP 74 5222 → 60750 [SYN, ACK] Seq=0 Ack=1 Win=65483 Len=0 MSS=65495 SACK_PERM=1 TSval=3077509983 TSecr=3077509983 WS=256
44 8.283547505 127.0.0.1 → 127.0.0.1 TCP 66 60750 → 5222 [ACK] Seq=1 Ack=1 Win=65536 Len=0 TSval=3077509983 TSecr=3077509983
45 8.285772534 127.0.0.1 → 127.0.0.1 XMPP/XML 245 STREAM > auth.jitsi.advocatorb.ru
46 8.285800994 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 60750 [ACK] Seq=1 Ack=180 Win=65536 Len=0 TSval=3077509985 TSecr=3077509985
47 8.286999090 127.0.0.1 → 127.0.0.1 XMPP/XML 381 STREAM < auth.jitsi.advocatorb.ru
48 8.287019441 127.0.0.1 → 127.0.0.1 TCP 66 60750 → 5222 [ACK] Seq=180 Ack=316 Win=65280 Len=0 TSval=3077509986 TSecr=3077509986
49 8.287920448 127.0.0.1 → 127.0.0.1 XMPP/XML 127 STARTTLS
50 8.288500418 127.0.0.1 → 127.0.0.1 XMPP/XML 116 PROCEED
51 8.293725117 127.0.0.1 → 127.0.0.1 TLSv1.2 366 Client Hello
52 8.299954843 127.0.0.1 → 127.0.0.1 TLSv1.2 1946 Server Hello, Certificate, Server Key Exchange, Certificate Request, Server Hello Done
53 8.301525283 127.0.0.1 → 127.0.0.1 TLSv1.2 73 Alert (Level: Fatal, Description: Certificate Unknown)
54 8.301564773 127.0.0.1 → 127.0.0.1 TCP 66 60750 → 5222 [RST, ACK] Seq=548 Ack=2246 Win=65536 Len=0 TSval=3077510001 TSecr=3077509999
55 10.277803941 127.0.0.1 → 127.0.0.1 TCP 74 60752 → 5222 [SYN] Seq=0 Win=65495 Len=0 MSS=65495 SACK_PERM=1 TSval=3077511977 TSecr=0 WS=256
56 10.277828921 127.0.0.1 → 127.0.0.1 TCP 74 5222 → 60752 [SYN, ACK] Seq=0 Ack=1 Win=65483 Len=0 MSS=65495 SACK_PERM=1 TSval=3077511977 TSecr=3077511977 WS=256
57 10.277852908 127.0.0.1 → 127.0.0.1 TCP 66 60752 → 5222 [ACK] Seq=1 Ack=1 Win=65536 Len=0 TSval=3077511977 TSecr=3077511977
58 10.279898485 127.0.0.1 → 127.0.0.1 XMPP/XML 245 STREAM > auth.jitsi.advocatorb.ru
59 10.279926301 127.0.0.1 → 127.0.0.1 TCP 66 5222 → 60752 [ACK] Seq=1 Ack=180 Win=65536 Len=0 TSval=3077511979 TSecr=3077511979
60 10.280708181 127.0.0.1 → 127.0.0.1 XMPP/XML 381 STREAM < auth.jitsi.advocatorb.ru
61 10.280730118 127.0.0.1 → 127.0.0.1 TCP 66 60752 → 5222 [ACK] Seq=180 Ack=316 Win=65280 Len=0 TSval=3077511980 TSecr=3077511980
62 10.281685990 127.0.0.1 → 127.0.0.1 XMPP/XML 127 STARTTLS
63 10.282245876 127.0.0.1 → 127.0.0.1 XMPP/XML 116 PROCEED
64 10.287411794 127.0.0.1 → 127.0.0.1 TLSv1.2 366 Client Hello
65 10.293578762 127.0.0.1 → 127.0.0.1 TLSv1.2 1946 Server Hello, Certificate, Server Key Exchange, Certificate Request, Server Hello Done
66 10.296201698 127.0.0.1 → 127.0.0.1 TLSv1.2 73 Alert (Level: Fatal, Description: Certificate Unknown)
67 10.296263182 127.0.0.1 → 127.0.0.1 TCP 66 60752 → 5222 [RST, ACK] Seq=548 Ack=2246 Win=65536 Len=0 TSval=3077511995 TSecr=3077511993

I am pausing this exchange for this week end. Maybe later.

Solved. after installing java 11, all began work as it must. Thanks to all who helped me.