TLS issue with remote instance?
My Pleroma instances cannot lookup users on the Mastodon instance at defcon.social, and an account there can lookup but not follow users on my Pleroma instances.
This appears to be a TLS version issue; the following shows up in /var/log/messages on my instance when one of their users tries to follow one of mine:
Nov 28 12:09:06 bakunin mix[505650]: 12:09:06.367 [info] POST /users/spike/inbox Nov 28 12:09:06 bakunin mix[505650]: 12:09:06.381 request_id=FyvYg4vbjf0Vby4AASS B [warning] Description: 'Authenticity is not established by certificate path va lidation' Nov 28 12:09:06 bakunin mix[505650]: Reason: 'Option {verify, verify_peer} a nd cacertfile/cacerts is missing' Nov 28 12:09:06 bakunin mix[505650]: 12:09:06.463 [notice] TLS :client: In state :hello received SERVER ALERT: Fatal - Protocol Version Nov 28 12:09:06 bakunin mix[505650]: 12:09:06.463 request_id=FyvYg4vbjf0Vby4AASS B [error] Could not decode user at fetch https://defcon.social/users/us3r1d, {:t ls_alert, {:protocol_version, 'TLS client: In state hello received SERVER ALERT: Fatal - Protocol Version\n'}} Nov 28 12:09:06 bakunin mix[505650]: 12:09:06.466 request_id=FyvYg4vbjf0Vby4AASS B [info] Sent 400 in 98ms
The following shows up in /var/log/messages on my instance when one of my users tries to find one of theirs:
Nov 28 12:18:02 bakunin mix[506229]: 12:18:02.889 [warning] Description: 'Authenticity is not established by certificate path validation' Nov 28 12:18:02 bakunin mix[506229]: Reason: 'Option {verify, verify_peer} and cacertfile/cacerts is missing' Nov 28 12:18:02 bakunin mix[506229]: 12:18:02.968 [notice] TLS :client: In state :hello received SERVER ALERT: Fatal - Protocol Version Nov 28 12:18:02 bakunin mix[506229]: 12:18:02.970 [warning] Description: 'Authenticity is not established by certificate path validation' Nov 28 12:18:02 bakunin mix[506229]: Reason: 'Option {verify, verify_peer} and cacertfile/cacerts is missing' Nov 28 12:18:03 bakunin mix[506229]: 12:18:03.042 [notice] TLS :client: In state :hello received SERVER ALERT: Fatal - Protocol Version Nov 28 12:18:03 bakunin mix[506229]: 12:18:03.210 request_id=FyvY_0hs7zT46yAAAStR [info] Sent 200 in 5397ms