Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Selfhosted CA integrated to the system aren't reconised #1658

Open
Astaoth opened this issue May 6, 2024 · 0 comments
Open

Selfhosted CA integrated to the system aren't reconised #1658

Astaoth opened this issue May 6, 2024 · 0 comments
Labels
A-Electron O-Uncommon Most users are unlikely to come across this or unexpected workflow S-Minor Impairs non-critical functionality or suitable workarounds exist T-Defect X-Community-Supported-Platform This issue occurs in a platform not directly supported by us, but by a community project elsewhere Z-Linux Z-Upstream

Comments

@Astaoth
Copy link

Astaoth commented May 6, 2024
edited

Steps to reproduce

  1. Make a custom CA
  2. Integrate this CA into the Linux CA store (on the server and the client sides).
  3. Test this CA integration with multiples services in order to validate its integration
  4. Deploy a selfhosted Synapse server following the official guides
  5. Make a tls key/certificate for Synapse from the local CA
  6. Configure Synapse for using the fullchain certificate made
  7. Launch Element-desktop and try to make an account on the selfhosted Matrix/Synapse server

Outcome

What did you expect?

Being able to connect to my selfhosted Matrix server.

What happened instead?

I'm not able to connect myself to my selfhosted server. When running element-desktop from a terminal, I've this error : "ERROR: VerifySignedData failed". The CA is known and integrated to the system CA store.

NB : if I configure Synapse for using the final TLS cert only and not the fullchain, I've this error : "ERROR: No matching issuer found". This seems normal as I've an intermediate CA, which needs to be provided to Synapse.

Operating system

Arch Linux

Application version

1.11.65-1

How did you install the app?

from package manager : pacman -S element-desktop

Homeserver

Selfhosted debian server : matrix-synapse/stable-backports,now 1.95.1-1~bpo12+1 amd64

Will you send logs?

No
@dosubot dosubot bot added the O-Uncommon Most users are unlikely to come across this or unexpected workflow label May 6, 2024
@t3chguy t3chguy added Z-Upstream Z-Linux X-Community-Supported-Platform This issue occurs in a platform not directly supported by us, but by a community project elsewhere A-Electron labels May 7, 2024
@dbkr dbkr added the S-Minor Impairs non-critical functionality or suitable workarounds exist label May 7, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-Electron O-Uncommon Most users are unlikely to come across this or unexpected workflow S-Minor Impairs non-critical functionality or suitable workarounds exist T-Defect X-Community-Supported-Platform This issue occurs in a platform not directly supported by us, but by a community project elsewhere Z-Linux Z-Upstream
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Astaoth @dbkr @t3chguy