I am trying to set up a locally-hosted ejabberd instance running in docker to use push notifications with monal-im.
I am getting the following error in the log
Failed outbound s2s EXTERNAL authentication chat.[MY DOMAIN].com -> eu.prod.push.monal-im.org (2.59.135.40): Authentication failed: Peer responded with error: unable to verify the first certificate (not-authorized)
I'm not an expert in security certificates, so I must be doing something quite wrong.
I have the following in my ejabberd.yml file:
certfiles:
- "/etc/letsencrypt/live/localhost/cert1.pem"
ca_file: "/etc/letsencrypt/live/localhost/ejabberd.pem"
listen
-
port: 5269
ip: "::"
module: ejabberd_s2s_in
max_stanza_size: 524288
certfile: "/etc/letsencrypt/live/localhost/ejabberd.pem"
This resides in a docker container and port 80 is used by another container so I cannot forward it to this container, so I don't think I can use the acme service. ejaabberd.pem is the private key, certificate, and chain combined. The certificate CN is chat.[MY DOMAIN].com
Everything else seems to work. I just can't get IOS users to get push notifications when their app is sleeping.
Any ideas how to troubleshoot?
