Ejabberd

Why can't clients connect when ejabberd is not running as root?

Built ejabberd 21.07 from source on ubuntu 20.04

./configure --prefix= --exec-prefix=/usr  --enable-mysql --enable-stun --enable-sip

Made the necessary minimal changes to the configurator

hosts:
  - localhost
  - domain.com

loglevel: info

## If you already have certificates, list them here
certfiles:
  - /etc/letsencrypt/live/domain.com/fullchain.pem
  - /etc/letsencrypt/live/domain.com/privkey.pem

listen:
  -
    port: 5222
    ip: "::"
    module: ejabberd_c2s
    max_stanza_size: 262144
    shaper: c2s_shaper
    access: c2s
    starttls_required: true

I run Ejabberd as root, which the server constantly swears about, but in this case, everything works. Clients connect, send messages, etc...

Since the server warns that you should not run ejabberdctl from root, I reconfigured the server, having previously created a user

./configure --prefix= --exec-prefix=/usr --enable-user=ejabberd --enable-mysql --enable-stun --enable-sip

After that, the server starts, already without swearing, that from under root. But now the clients have stopped connecting. When trying to connect a client in the server logs, this is the warning:

[info] <0.367.0>@ejabberd_listener:accept/7:273 (<0.523.0>) Accepted connection [::ffff:client_ip]:40760 -> [::ffff:server_ip]:5222
[warning] <0.523.0>@ejabberd_c2s:process_terminated/2:310 (tcp|<0.523.0>) Failed to secure c2s connection: TLS failed: no_certfile

Who knows how to overcome?