![]() ![]() The loginurl is the place where we point users to that have not yet authenticated. This adminuser and password you should have created when you first installed Rocket. Setting up Zimbraįor this you need to set-up the Java server extension copy it from to /opt/zimbra/lib/ext/rocket/rocket.jar ( and make sure this is the only jar in this folder) then create a text file /opt/zimbra/lib/ext/rocket/config.properties with the contents: adminuser=adminUsername Aka and will work, and will not work. This means that RocketChat needs to be installed on a subdomain similar to Zimbra. RocketChat sets cookies on the client via Javascript and does not support configuring the SameSite attribute, which is needed for it to run on a different domain than Zimbra. systemctl start nginxĭuring 2020 Google and various vendors have been pushing the requirement to set cookies with the SameSite and Secure attributes. Modify the config in /etc/nginx/sites-enabled/default as per the example in proxy-config folder. See the proxy-config folder for a basic example nginx/apache config. This will allow you to use TLS/SSL and configure headers needed for the integration. A welcome email is send to the user with a fallback password, this can only be used in situations where the integration is disabled.įollow the instruction for setting up Rocket Chat using Snap on Ubuntu 18.Īllow API tokens to be used echo "CREATE_TOKENS_FOR_USERS=true" > /var/snap/rocketchat-server/common/create-tokens.env Once set-up the users can only log-in via the Zimbra log-in page this includes mobile device apps. The Zimlet will create accounts in Rocket Chat based on the Zimbra primary email address. SMTP configuration fails and say something about **self signed certificate in certificate chain**.Īt TLSSocket.onConnectSecure (_tls_wrap.js:1502:34)Īt (domain.js:483:12)Īt TLSSocket._finishInit (_tls_wrap.js:937:8)Īt (_tls_wrap.js:711:12)Īt TLSWrap.callbackTrampoline (_internal/async_hooks.js:126.This Zimlet will automatically create accounts for your users and will log them on to Rocket Chat automatically. Because I would like to use my own CA to ensure data transferring security. SMTP configuration of my private smtp server over personal CA signed SSL certificate works. I just want the rocketchat docker can recognize the site SSL certificate signed by my custom CA certificate, which I have put it under `/usr/share/ca-certificates`. ![]() In stackoverflow, somebody say I can add some ignore flag to `main.js`, but I neither try the method nor be willing to disable TLS identify, cause it will put my data in and insecure situation. reboot docker instance and try sending email again, failed with same logs pasted above. `docker exec -it -u 0 bash` and `dpkg-reconfigure ca-certificates`ħ. use docker command `docker exec -it -u 0 bash` and `apt-get install ca-certificates` to install necessary software for adding custom CA certificate to system area under `/usr/share/ca-certificates`Ħ. ![]() Then click **save changes** and **send test email to myself**, no email is delivered and logs says:Ĥ. Trying to set email-smtp, filling with this params: Login to rocketchat with and do some admin configuration, then use rocketchat as normal.ģ. Deploy mongo and rocketchat by docker according to official instruction at Ģ. Therefore, I would like to set smtps on rocketchat, but receive error says **self signed certificate in certificate chain**, I guess is the smtps ssl verifying did not pass.ġ. Instead, I deploy other web services with SSL support by using custom CA certificate to sign the website SSL certificate, for example, my SMTP Server. I deploy rocketchat on a LAN environment which has no internet access, so I can not use the public CA signed certificate. mongo and rocketchat are installed by docker and communicate with -link argument on rocketchat docker run command.currently the website is run in http, I have not make reverse-proxy yet.I’ve use command openssl s_client -connect my.:465 to verify and checked that the ssl information is correct, which show that it is signed by our own CA certificate instead of a self signed certificate. Just wondering why I have install our own CA.crt to /usr/share/ca-certificates with command dpkg-reconfigure ca-certificates but the rocketchat still emit error that self signed certificate in certificate chain, what does it means? which self signed certificate it is pointing to? I’ve even install ca-certificates in docker bundle system using docker exec -it -u 0 bash and then install our CA.crt into /usr/share/ca-certificates, but it does not works with these error output when I click “test sending email”:Įxception in defer callback: Error: self signed certificate in certificate chainĮxception in defer callback: Rocket Chat Server can not set LAN SMTP Server, and the site has correct certificate signed by our own CA certificate that only exist in LAN. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |