Self-signed certificate should only be generated if no external cert is specified about mumble HOT 7 OPEN

this has to stop the starting up process

Well, not necessarily. With every user setting you can either fail on problems or use a plausible/useful default instead. In this case I agree though. If the specified cert can not be loaded the startup should probably fail.

The self signed cert that is generate by murmurd has to be delete out of the database by calling murmurd with -wipessl

It seems you are not familiar with Murmurs ini configuration and vserver concept.
The ini file provides default values for the potentially multiple vservers (servers you can connect to) that the process runs.
(This way you can for example provide a default welcome text for all vservers, but still specify specific ones for the individual vservers overriding the default.)
So I guess you set your certificate only via the murmur.ini. Thus, only the default is set while the vserver already has a specific self-generated certificate, thus not using the default any more. Wiping this certificate will make murmur use the default again.

I guess the wiki could really use a how to own-cert, if it does not provide one yet.

from mumble.

Looking at the code, --wipessl is not necessary for replacing an autogenerated cert with one specified in the ini, at least in our development snapshots/1.3.0, see Cert.cpp#L137

We still log failure to load the cert specified in the ini, and we still create a new autogenerated one in that case; Cert.cppL165.

from mumble.

After looking into it further, I realized that I'm using a very outdated version of murmur (~1.2.9) and it was not logging use of the autogenerated cert without the verbose option. I'm not sure if this is current behavior. I agree with the your previous sentiment that if a user is competent enough to specify their own cert/key pair, murmur should not try to recover from failing to load them.

from mumble.

@Kissaki did I understand it correctly that this is resolved in 1.3?

from mumble.

My comment only talks about the state in 1.3, not about whether it changed or not.

from mumble.

Is this still an issue in 1.4?

from mumble.

Yep.

from mumble.