Help making federation work
-
@nebulon Unrelated Q but any idea why my friend (using Element on Android) is getting an "SSL error" when trying to input the homeserver URL?
@humptydumpty is there an app installed at shinywebsite.com directly?
-
@humptydumpty is there an app installed at shinywebsite.com directly?
-
@nebulon I have the surfer app with a static html page.
@humptydumpty that appears to be a WP site.
make sure to have your friend enter the full URL:
https://sub.domain.com -
@humptydumpty that appears to be a WP site.
make sure to have your friend enter the full URL:
https://sub.domain.com@robi That's not my actual link. @subven used it as an example if I'm not mistaken.
I have matrix installed at matrix.example.me. At example.me there's the Surfer app with a static html page.
If I run that echo command:
curl https://example.me/.well-known/matrix/serverIt spits back
{ "m.server": "matrix.example.me:443" }If I input example.me at the federation tester website, I get the result shown below.
I used example.me as the server_name & matrix.example.me as the app location.
Cloudron is installed at my.totallydifferentdomain.com. <-- Should this link be used as the server_name?
Arigato!
-
To add to this, I dug up an old Android 5.0 phone and installed Element on it.
I could not replicate the SSL error message that my friend experienced. However, I could not sign in to my homeserver (see attachment for details). If I log into my other account hosted at the Matrix.org homeserver, it works just fine.
I am able to connect and chat between my self-hosted matrix homeserver and the Matrix.org homeserver & accounts so as far as I can tell, federation is working fine.
-
Update: I think it's working now. I was able to sign into my homeserver without any errors this time.
All I had to do was go to my Cloudron server and install Element under element.domain.me.
I thought Element needed to be installed only if you wanted to use the web version in a browser.
-
Update: I think it's working now. I was able to sign into my homeserver without any errors this time.
All I had to do was go to my Cloudron server and install Element under element.domain.me.
I thought Element needed to be installed only if you wanted to use the web version in a browser.
@humptydumpty said in Help making federation work:
I thought Element needed to be installed only if you wanted to use the web version in a browser.
Mmm, that is indeed the case. Element is just a UI and is not needed to use the mobile apps. Can you uninstall it and try to login on the phone again? I think something else resolved the issue.
-
@humptydumpty said in Help making federation work:
I thought Element needed to be installed only if you wanted to use the web version in a browser.
Mmm, that is indeed the case. Element is just a UI and is not needed to use the mobile apps. Can you uninstall it and try to login on the phone again? I think something else resolved the issue.
@girish Just uninstalled Element. I'm still able to log in fine now. My brain hurts.
-
I was chatting with the folks over on #element-web:matrix.org and someone said that I might have fixed an SSL issue for Matrix when I installed Element. It made sense to me but then I remembered that apps are containerized so that shouldn't be the case.
-
To add to this, I dug up an old Android 5.0 phone and installed Element on it.
I could not replicate the SSL error message that my friend experienced. However, I could not sign in to my homeserver (see attachment for details). If I log into my other account hosted at the Matrix.org homeserver, it works just fine.
I am able to connect and chat between my self-hosted matrix homeserver and the Matrix.org homeserver & accounts so as far as I can tell, federation is working fine.
@humptydumpty
thanks for your advice, but now i'm totally confused!
if i'm doing it like the cloudron docs, i dont get the expected answer ...mkdir -p /home/yellowtent/boxdata/well-known/example.com/matrix
echo '{ "m.server": "matrix.example.com:443" }' > /home/yellowtent/boxdata/well-known/example.com/matrix/server
curl https://example.com/.well-known/matrix/server
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL was not found on this server.</p>
</body></html>when i use my.example.com then i get the get the expected answer ...
mkdir -p /home/yellowtent/boxdata/well-known/my.example.com/matrix
echo '{ "m.server": "matrix.example.com:443" }' > /home/yellowtent/boxdata/well-known/my.example.com/matrix/server
curl https://my.example.com/.well-known/matrix/server
{ "m.server": "matrix.example.com.com:443" }Until here i'm fine!
when i try to use the federation tester, i have some errors..
and i cannot connect to federation.
-
@humptydumpty
thanks for your advice, but now i'm totally confused!
if i'm doing it like the cloudron docs, i dont get the expected answer ...mkdir -p /home/yellowtent/boxdata/well-known/example.com/matrix
echo '{ "m.server": "matrix.example.com:443" }' > /home/yellowtent/boxdata/well-known/example.com/matrix/server
curl https://example.com/.well-known/matrix/server
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL was not found on this server.</p>
</body></html>when i use my.example.com then i get the get the expected answer ...
mkdir -p /home/yellowtent/boxdata/well-known/my.example.com/matrix
echo '{ "m.server": "matrix.example.com:443" }' > /home/yellowtent/boxdata/well-known/my.example.com/matrix/server
curl https://my.example.com/.well-known/matrix/server
{ "m.server": "matrix.example.com.com:443" }Until here i'm fine!
when i try to use the federation tester, i have some errors..
and i cannot connect to federation.
@sebgg I think this is most likely because you don't have an app installed on example.com. Just install any app there i.e on the bare domain of example.com. You can also pick some existing and set the bare domain to redirect to it. Only when the "bare domain" (https://example.com) is serviced by cloudron, will the well-known stuff work.
-
@sebgg I think this is most likely because you don't have an app installed on example.com. Just install any app there i.e on the bare domain of example.com. You can also pick some existing and set the bare domain to redirect to it. Only when the "bare domain" (https://example.com) is serviced by cloudron, will the well-known stuff work.
-
@sebgg I think this is most likely because you don't have an app installed on example.com. Just install any app there i.e on the bare domain of example.com. You can also pick some existing and set the bare domain to redirect to it. Only when the "bare domain" (https://example.com) is serviced by cloudron, will the well-known stuff work.
@girish said in Help making federation work:
@sebgg I think this is most likely because you don't have an app installed on example.com. Just install any app there i.e on the bare domain of example.com. You can also pick some existing and set the bare domain to redirect to it. Only when the "bare domain" (https://example.com) is serviced by cloudron, will the well-known stuff work.
Please put that information in the documentation for Matrix.
-
@girish said in Help making federation work:
@sebgg I think this is most likely because you don't have an app installed on example.com. Just install any app there i.e on the bare domain of example.com. You can also pick some existing and set the bare domain to redirect to it. Only when the "bare domain" (https://example.com) is serviced by cloudron, will the well-known stuff work.
Please put that information in the documentation for Matrix.
-
@drpaneas the next Cloudron version will have a feature on the domain settings to fix this. So no need to have an app installed on the bare domain anymore then.
@nebulon said in Help making federation work:
So no need to have an app installed on the bare domain anymore then.
We still need an app on bare domain in the latest release. All the new feature does it to set up the .well-known paths without having to edit files manually on the server.
-
@nebulon said in Help making federation work:
So no need to have an app installed on the bare domain anymore then.
We still need an app on bare domain in the latest release. All the new feature does it to set up the .well-known paths without having to edit files manually on the server.
@girish sorry that i bumped in the conversation. I was following the story and do have one question regarding the App installed at bare domain.
Does the app that's installed on bare domain have to be running? Or can it be installed, without it being active (running)? -
@girish sorry that i bumped in the conversation. I was following the story and do have one question regarding the App installed at bare domain.
Does the app that's installed on bare domain have to be running? Or can it be installed, without it being active (running)? -
@dantheman the app doesn't need to be running, it can be Stopped.
-
Even though I got Matrix and the Federation to work. My friend still can't log into my Matrix homeserver so I decided to set up NextCloud Talk and Mattermost and see which ones work best for us.
Turns out they can't connect to ANY of them from their Samsung Galaxy S6 Edge running Android 7. I ask them to log in via the web browser just to test the account itself and they log in just fine.
It's a problem logging in with the android apps only that are running on my server and the error is almost the same across them all. For Matrix/Element, if they use the Matrix homeserver, it connects just fine.
Handshake error
SSL error
or something of the sortI found this thread on Mattermost discussing certificate issues.
Quoting user "yanuk"
I upgraded the SSL certs to RSA4096 and it now works. Iām not sure what happened and why it only affected a single phone in office. Seems unique to only that phone.I went to ssllabs.com and ran a test and got OCSP ERROR: Exception: connect timed out for the certificate path for the app.
**** I changed the domain in the screenshot for privacy by editing the page source - PM for more info ****
The question now is how to upgrade the type of certificate that Let's Encrypt is creating and have that change be permanent when the next renewal date is up. Thoughts?
-
Even though I got Matrix and the Federation to work. My friend still can't log into my Matrix homeserver so I decided to set up NextCloud Talk and Mattermost and see which ones work best for us.
Turns out they can't connect to ANY of them from their Samsung Galaxy S6 Edge running Android 7. I ask them to log in via the web browser just to test the account itself and they log in just fine.
It's a problem logging in with the android apps only that are running on my server and the error is almost the same across them all. For Matrix/Element, if they use the Matrix homeserver, it connects just fine.
Handshake error
SSL error
or something of the sortI found this thread on Mattermost discussing certificate issues.
Quoting user "yanuk"
I upgraded the SSL certs to RSA4096 and it now works. Iām not sure what happened and why it only affected a single phone in office. Seems unique to only that phone.I went to ssllabs.com and ran a test and got OCSP ERROR: Exception: connect timed out for the certificate path for the app.
**** I changed the domain in the screenshot for privacy by editing the page source - PM for more info ****
The question now is how to upgrade the type of certificate that Let's Encrypt is creating and have that change be permanent when the next renewal date is up. Thoughts?
