-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
x509: certificate is not valid for any names #27
Comments
That sounds like an issue with your Mumble host certificate; can you verify that the certificate on your mumble host has the host as its CommonName or SAN? I.e. if the ??? was "mumble.example.com" then the certificate would have "mumble.example.com" as either the CommonName or a SubjectAlternativeName. |
@stryan I am not really sure what CommonName or SAN is, but when I view the info of the server and the "Certificate Chain Details", it does say
You are correct that the address is |
Ah, you're using the Mumble generated certificate. The auto-generated certificate doesn't actually know what you're calling your server so it doesn't have the right names on it. I don't think Murmur has a way of automatically generating an actual trusted certificate for your server, though I'm not at home to verify this. So if you're not providing one manually through the
options in Murmur.ini, you'll probably need to use the -mumble-insecure option to connect. If you want to use the server outside of small-scale or testing purposes, you can grab a free certificate from Let's Encrypt. That will work without the -mumble-insecure option as a side-note; I do suspect this problem will keep coming up for others. I might take a look at adding some kind of TOFU-style system to the bridge for auto-generated and self-signed certificates. I know Gumble uses something similar for self-signed certs. |
I am using this on a very small scale basis (or testing) so that's not a problem really. Thanks for your support, and yeah I think this issue might come up to more people. |
This is most likely a PEBKAC since I am probably not understanding the instructions correctly, so here's my issue.
I've gotten the CID, GID and bot token and I can start the bridge fine with
mumble-insecure
set totrue
. But when I run it with it set tofalse
, it won't connect;I did try generate a certificate (which is optional it says) but it doesn't work still. I replaced the mumble address with question marks.
The text was updated successfully, but these errors were encountered: