#1059 Prosody rejects s2s to servers providing a full certificate chain
What steps will reproduce the problem?
1. Set up a server which has the full certificate chain in the certificate file.
2. Create user on this server.
3. Attempt to add this user from another prosody instance.
What is the expected output?
I should be able to add users from such servers.
What do you see instead?
Dec 15 02:46:55 s2sout55a0098f1120 debug certificate chain validation result: invalid
Dec 15 02:46:55 s2sout55a0098f1120 debug certificate error(s) at depth 3: self signed certificate in certificate chain
What version of the product are you using? On what operating system?
0.10.0 as shipped by Alpine Linux.
Please provide any additional information below.
That error most likely means that you don't have the root certificate, or Prosody could not find it.
Check that any root certificate package is installed and that Prosody can find them. By default, Prosody looks in /etc/ssl/certs.
Apologies for the lack of response.
It appears to have been due to an outdated ca-certificates package.