Hello! I am working through some issues with federation between my own server, https://globe.pub, and all other Lemmy servers.

When I subscribe to a community on a foreign server (e.g. https://lemmy.world/c/world), I get an error saying Activity was rejected by https://lemmy.world/inbox, aborting: Incoming activity has invalid signature.

I’m having trouble figuring out what is misconfigured on my server. Does anyone have advice on how I can resolve this?

Below are my debug logs for a failed subscription request:

2023-07-16T20:05:17.562556Z DEBUG activitypub_federation::activity_queue: Sending https://globe.pub/activities/follow/7dec89e1-eea0-4265-98c4-8e927fde3f6f to https://lemmy.world/inbox, contents:
 {"@context":["https://www.w3.org/ns/activitystreams","https://w3id.org/security/v1",{"lemmy":"https://join-lemmy.org/ns#","litepub":"http://litepub.social/ns#","pt":"https://joinpeertube.org/ns#","sc":"http://schema.org/","ChatMessage":"litepub:ChatMessage","commentsEnabled":"pt:commentsEnabled","sensitive":"as:sensitive","matrixUserId":"lemmy:matrixUserId","postingRestrictedToMods":"lemmy:postingRestrictedToMods","removeData":"lemmy:removeData","stickied":"lemmy:stickied","moderators":{"@type":"@id","@id":"lemmy:moderators"},"expires":"as:endTime","distinguished":"lemmy:distinguished","language":"sc:inLanguage","identifier":"sc:identifier"}],"actor":"https://globe.pub/u/mplewis","to":["https://lemmy.world/c/world"],"object":"https://lemmy.world/c/world","type":"Follow","id":"https://globe.pub/activities/follow/7dec89e1-eea0-4265-98c4-8e927fde3f6f"}
2023-07-16T20:05:18.250812Z DEBUG activitypub_federation::activity_queue: Activity https://globe.pub/activities/follow/7dec89e1-eea0-4265-98c4-8e927fde3f6f was rejected by https://lemmy.world/inbox, aborting: Incoming activity has invalid signature
1 point

The error is bubbling up from the activity pub library that Lemmy uses: https://github.com/LemmyNet/activitypub-federation-rust/blob/main/src/http_signatures.rs

See “ActivitySignatureInvalid”

Not sure why you’d be seeing this though. Something wrong with your Lemmy signature maybe? I’ve never actually set one up myself, but I assume you generate some kind of cert at some point, or it uses your SSL cert or something? Maybe a misconfiguration in that area?

permalink
report
reply
2 points

What I discovered is this was due to me running a past instance of Lemmy on this domain, then wiping it and losing the instance/user public keys. So all the servers I’ve talked to in the past have a public key in mind for globe.pub which no longer exists. I think this means that the domain is no longer usable for federation, as instances don’t prune dead instances from their list.

permalink
report
parent
reply
1 point

Interesting! I wonder if that should be written up as a bug report, or if it’s by design. I guess I could see both cases. Glad you figured it out though!

permalink
report
parent
reply

Lemmy Support

!lemmy_support@lemmy.ml

Create post

Support / questions about Lemmy.

Matrix Space: #lemmy-space

Community stats

  • 153

    Monthly active users

  • 1.2K

    Posts

  • 5.7K

    Comments

Community moderators