I've a working standard jitsi-meet install on a single VM. I now want to "detach" the videobridge2 (JVB) from this VM setup and install it on another machine (to use only https 443 port).
I watched this outdated tutorial and understood a bit how it works under the hood. I stumbled upon this more recent wiki and decided to follow it.
While I'm unsure to have properly followed it perfectly (because some parts were not very explicit to me), I have this error in my distant JVB logs:
2020-05-16 14:46:15.192 WARNING: [39] [hostname=sub.mydomain.tld id=shard] MucClient$1.connectionClosedOnError#295: Closed on error:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:198)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1967)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:331)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:325)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1688)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:226)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1082)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:1010)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1079)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1388)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1416)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1400)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.proceedTLSReceived(XMPPTCPConnection.java:810)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.access$1200(XMPPTCPConnection.java:151)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:1071)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPConnection.java:1000)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:1016)
at java.lang.Thread.run(Thread.java:748)
If I'm understanding correctly, the distant JVB tries to connect to my jitsi-meet VM prosody to receive traffic. But according to the above logs, it seems that there is a certificate problem with the MUC connexion. I found this old thread on the community forum saying there is no need to worry about all these self-signed certificates, but I'm feeling that I should try to install proper certificates?
Does someone here, recently managed to install multiple JVB instances to a jitsi-meet install and could lighten me a bit here?
Thanks
You need to disable the certificate verification in your remote JVB. In your remote JVB
/etc/jitsi/videobridge/sip-communicator.properties
file add one more parameterIt's updated now in their wiki as well.