[SOLVED] /etc/pki/tls and subdirectories contents

@robb,

Hi Rob,

Thank you very much for your reply.

My Matrix-Synapse is LOCAL.

I tried:

  • Let’s Encrypt LOCAL with acme.sh
  • Copy Let’s Encrypt LOCAL with acme.sh to main server and assigned it to redirected domains
  • Request Let’s Encrypt for my Matrix domain + CNAMEs on main server and assigned it to redirected domains on main server.
  • Copy Let’s Encrypt for my Matrix domain + CNAMEs on main server to LOCAL
  • On main server, I request Let’s Encrypt for main server including LOCAL domains and assign it to redirected domains
  • Copy Let’s Encrypt for main server including LOCAL domains to LOCAL

Sent an invitation to join a room on my Matrix-Synapse site to myself, logged in at matrix.org:
I receive the invitation at matrix.org but when I tried to join, matrix.org said:

  • Invalid signature for server matrix.org with key ed25519:0: Unable to verify signature for matrix.org: <class ‘nacl.exceptions.BadSignatureError’> Signature was forged or corrupt

I opened an account at mozilla.org.
Invitation sent to myself logged in at mozilla.org.

  • Invalid signature for server mozilla.org with key ed25519:0: Unable to verify signature for mozilla.org: <class ‘nacl.exceptions.BadSignatureError’> Signature was forged or corrupt

At matrix.org or at mozilla.org, if I search for @my-user-name:FQDN-my-matrix-site to join a room, matrix.org or mozilla.org finds me and displays my name.
When I click Invite:

  • Failed to make_join via any server

At matrix.org, if I invite myself with my mail address, I receive the email, respond, and I can join the Room.

I saw somewhere that Matrix doesn’t support SNI.
Maybe that is the reason and it is not possible to have a LOCAL redirected site??? But I don’t think so.

Because I have a few domains on my main server and I do not want to disturb it too much, in the request for Let’s Encrypt for main server including LOCAL domains, I kept the FQDN of my main server as the first domain.
Maybe I should try to put my Matrix-Synapse domain FQDN as the first one???

Everything else with my Matrix-Synapse LOCAL site is working correctly with any of the above Let’s Encrypt certificate using either Firefox or TOR…

Again, thank you for your support.

Michel-André

EDIT:
I use https://192.168.1.75 when redirecting to LOCAL, should I use http instead of https?