Fixing Prosody SSL after upgrade to Debian Jessie

When I upgraded my home server from Debian 7 (wheezy) to 8 (jessie), my installation of the Prosody Jabber chat server broke. Specifically, my chat client would no longer connect, saying SSL was not supported on the server, and prosody complained about SSL support not being available whenever I ran prosodyctl. First I'll show the diagnostic information, then the fix and explanation (spoiler: downgrade lua-socket!), then the new diagnostic output.


A very helpful person in the Prosody group chat room identified my problem and helped me fix it! Here's the output of the commands they had me run.

$ sudo prosodyctl about

Prosody was unable to find LuaSec
This package can be obtained in the following ways:

	luarocks:         luarocks install luasec

SSL/TLS support will not be available
More help can be found on our website, at

Prosody 0.9.10

# Prosody directories
Data directory:  	/var/lib/prosody
Plugin directory:	/usr/lib/prosody/modules/
Config directory:	/etc/prosody
Source directory:	/usr/lib/prosody

# Lua environment
Lua version:             	Lua 5.1

Lua module search paths:

Lua C module search paths:

LuaRocks:        	Not installed
# Lua module versions
lfs:     	LuaFileSystem 1.6.2
lxp:     	LuaExpat 1.3.0
pposix:  	0.3.6
socket:  	LuaSocket 3.0-rc1

That big warning at the top also shows up any time I start, stop, or query the status of the service. And here are the results of trying to load the Lua SSL module:

$ lua -lssl
lua: error loading module 'ssl.core' from file '/usr/lib/arm-linux-gnueabihf/lua/5.1/': cannot open shared object file: No such file or directory
stack traceback:
	[C]: ?
	[C]: in function 'require'
	/usr/share/lua/5.1/ssl.lua:7: in main chunk
	[C]: ?
	[C]: ?

And finally, the kicker. I'd never heard of the policy subcommand, but I clearly need to familiarize myself with it:

$ apt-cache policy lua-socket
  Installed: 3.0-rc1-4~wheezy
  Candidate: 3.0-rc1-4~wheezy
  Version table:
 *** 3.0-rc1-4~wheezy 0
        100 /var/lib/dpkg/status
     3.0~rc1-3 0
        500 jessie/main armhf Packages


The issue seems to be that their wheezy repo contained a newer version of lua-socket than the official Debian jessie repos, so it sticks around after an upgrade to jessie and causes a version mismatch. The answer is to downgrade to the official version:

$ sudo apt-get install lua-socket=3.0~rc1-3

No pinning is required because the package is no longer in any of my apt sources; I won't get asked to upgrade it the next time I check for updates.


After the fix, the prosody output contains one additional line in the Lua modules section (ssl: 0.5.PR) and no giant warning. Running lua -lssl just prints a version string and drops me into a Lua shell. And the output of the apt policy command shows only one version:

$ apt-cache policy lua-socket
  Installed: 3.0~rc1-3
  Candidate: 3.0~rc1-3
  Version table:
 *** 3.0~rc1-3 0
        500 jessie/main armhf Packages
        100 /var/lib/dpkg/status

And, of course, Pidgin can now connect to my server!

Responses: 3 so far Feed icon

  1. Чаз says:

    Thank you Tim, these instructions fixed the same problem I was experiencing.


  2. Anex says:

    Thank you very much! I'm going to read your blog from now on.

  3. Matt says:

    Tim, I owe you a beer. Thanks!

Commenting is not yet reimplemented after the Wordpress migration, sorry! For now, you can email me and I can manually add comments.