Websocket Problems and sasl errors

We are trying to set up jitsi including our own turn server and we just can’t figure out what’s wrong anymore. Basically the problem is I can acces the start page, but when opening a room and after granting access to camera and mic I immediately get the warning that the connection has been disconnected and the site will reload in x seconds.
Concerning errors, on the one hand I see the following errors in the Browsers console about the WebSocket for XMPP
strophe.umd.js:5463 WebSocket connection to ‘wss://jitsi.domain.de/xmpp-websocket?room=qwe’ failed: Error during WebSocket handshake: Unexpected response code: 403

Logger.js:154 2020-05-04T11:15:14.742Z [JitsiMeetJS.js] <Object.getGlobalOnErrorHandler>: UnhandledError: null Script: null Line: null Column: null StackTrace: Error: Strophe: Websocket error [object Event]
at Object.r.Strophe.log (strophe.util.js:89)
at Object.error (strophe.umd.js:1392)
at N.Websocket._onError (strophe.umd.js:5730)

2020-05-04T11:15:14.750Z [modules/xmpp/strophe.util.js] <Object.r.Strophe.log>: Strophe: Websocket error [object Event]

2020-05-04T11:15:49.371Z [connection.js] <a.u>: CONNECTION FAILED: connection.otherError

2020-05-04T11:16:04.870Z [features/base/connection] connection.otherError

The full log can be seen here: https://pastebin.com/jb3KvRd6

Additionally, the logs of Jicofo and Jitsi show these lines:

2020-05-04 14:43:49.244 SCHWERWIEGEND: [34] ComponentMain.lambda$getConnectCallable$0#293: java.net.ConnectException: Verbindungsaufbau abgelehnt (Connection refused),\ host:myip, port:5347

org.xmpp.component.ComponentException: java.net.ConnectException: Verbindungsaufbau abgelehnt (Connection refused)
at org.jivesoftware.whack.ExternalComponent.connect(ExternalComponent.java:296)
at org.jivesoftware.whack.ExternalComponentManager.addComponent(ExternalComponentManager.java:242)
at org.jivesoftware.whack.ExternalComponentManager.addComponent(ExternalComponentManager.java:222)
at org.jitsi.meet.ComponentMain.lambda$getConnectCallable$0(ComponentMain.java:285)
at org.jitsi.retry.RetryStrategy$TaskRunner.run(RetryStrategy.java:193)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.net.ConnectException: Verbindungsaufbau abgelehnt (Connection refused)
at java.base/java.net.PlainSocketImpl.socketConnect(Native Method)
at java.base/java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:399)
at java.base/java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:242)
at java.base/java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:224)
at java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:403)
at java.base/java.net.Socket.connect(Socket.java:609)
at org.jivesoftware.whack.ExternalComponent.connect(ExternalComponent.java:174)
… 10 more
2020-05-04 14:43:49.689 SCHWERWIEGEND: [30] RetryStrategy$TaskRunner.run#198: org.jivesoftware.smack.sasl.SASLErrorException: SASLError using SCRAM-SHA-1: not-authoriz\ed
org.jivesoftware.smack.sasl.SASLErrorException: SASLError using SCRAM-SHA-1: not-authorized
at org.jivesoftware.smack.SASLAuthentication.authenticationFailed(SASLAuthentication.java:292)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:1100)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPConnection.java:1000)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:1016)
at java.base/java.lang.Thread.run(Thread.java:834)

Concerning the WebSocket error, we already tried this: community.jitsi. org/t/ask-xmpp-websocket-configuration/30386/4
The only things we achieved with this and some tweeks to the nginx config was changing the error code from 200 to 404 to 403.
And yes, concerning what the last post in that link said and what this site says: community.jitsi .org/t/309-failed-to-connect-login-saslerror-using-scram-sha-1-not-authorised/20951/11
we haven’t only checked the passwords about 10 times, but changed them and replaced them according this manual: github .com/jitsi/jitsi-meet/blob/master/doc/manual-install.md)
without success.

We can’t find any solutions we haven’t already tried and just nothing works. We even replaced most of the variables in the autostart files (in the systemd .service file of the video bridge and the init.d file of jicofo) and told both JVB_HOST and JICOFO_HOST to use the ip adress of the Server rather than localhost, nothing. Maybe someone else can shed some light into the sittuation.

About our system: Debian 10 running NGINX 1.18 with the latest stable releases, everything was set up according this manual: github .com/jitsi/jitsi-meet/blob/master/doc/scalable-installation.md
and the manual guide mentioned there.
Here is our config for nginx: https://pastebin.com/hrbKBeHG

PS: sorry for the butchered links, but as a new user “you can’t upload attachments” and “you can only put 2 links into your post”…well I refuse to make the post even more unreadable by putting in the logs and configs

Nevermind. I set it up from scratch again, now it seems to work. Lets see if it actually does

at the Moment it kinda works with 1 on 1 calls but no video or audio with more participants.
I was able to fix the error in the videobridge by configuring the sip config, but the sasl error still occours in jicofo

EDIT: the Jicofo error is because if you follow this guide: https://github.com/jitsi/jitsi-meet/blob/master/doc/manual-install.md you have to set “YOURSECRET3” also in the Jicofo config as the AUTH_PASSWORD, which seems to be said in no guide.

About the Videobridge not working, it seems Port 10000 UDP was only opened for UDP6. The problem: we have yet to get a IPv6-subnet allocated, since we can’t do such things ourselves.

EDIT2: The problem with the videobridge was not the lack of IPv6, but it refused to connect over IPv4 too, so after disabling IPv6 entirely on Debian it now works like a charm

Hello @damencho @saghul @Richard_Rosner ,

Tried the kubernetes deployement. Facing the below error.

strophe.umd.js:5463 WebSocket connection to 'wss://localhost:8443/xmpp-websocket?room=possiblebuttersbetrayelse' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED

_connect @ strophe.umd.js:5463
Logger.js:154 2020-12-08T10:36:23.767Z [JitsiMeetJS.js] <Object.getGlobalOnErrorHandler>: UnhandledError: null Script: null Line: null Column: null StackTrace: Error: Strophe: Websocket error [object Event]
at Object.r.Strophe.log (strophe.util.js:89)
at Object.error (strophe.umd.js:1392)
at N.Websocket._onError (strophe.umd.js:5730)
o @ Logger.js:154
Logger.js:154 2020-12-08T10:36:23.767Z [modules/xmpp/strophe.util.js] <Object.r.Strophe.log>: Strophe: Websocket error [object Event]
o @ Logger.js:154
Logger.js:154 2020-12-08T10:36:23.771Z [connection.js] <a.d>: CONNECTION FAILED: connection.otherError
o @ Logger.js:154

Thanks advance for your input on this…

Hello @sunilkumarjena21,
Did you solve this problem ?

I could fix this problem by providing PUBLIC_URL in the environment