https listener won't start

[daenney]

2020-04-26 19:39:45.917 [error] [Plugins] Load plugin emqx_dashboard failed, cannot start plugin emqx_dashboard for {bad_return,^M
                                                                                     {{emqx_dashboard_app,^M
                                                                                       start,^M
                                                                                       [normal,^M
                                                                                        []]},^M
                                                                                      {'EXIT',^M
                                                                                       {{{shutdown,^M
                                                                                          {failed_to_start_child,^M
                                                                                           ranch_acceptors_sup,^M
                                                                                           {listen_error,^M
                                                                                            'https:dashboard',^M
                                                                                            {options,^M
                                                                                             {verify,^M
                                                                                              "verify_none"}}}}},^M
                                                                                         {child,^M
                                                                                          undefined,^M
                                                                                          {ranch_listener_sup,^M
                                                                                           'https:dashboard'},^M
                                                                                          {ranch_listener_sup,^M
                                                                                           start_link,^M
                                                                                           ['https:dashboard',^M
                                                                                            ranch_ssl,^M
                                                                                            #{connection_type =>^M
                                                                                               supervisor,^M
                                                                                              max_connections =>^M
                                                                                               512,^M
                                                                                              num_acceptors =>^M
                                                                                               4,^M
                                                                                              socket_opts =>^M
                                                                                               [{next_protocols_advertised,^M
                                                                                                 [<<"h2">>,^M
                                                                                                  <<"http/1.1">>]},^M
                                                                                                {alpn_preferred_protocols,^M
                                                                                                 [<<"h2">>,^M
                                                                                                  <<"http/1.1">>]},^M
                                                                                                {port,^M
                                                                                                 18084},^M
                                                                                                {honor_cipher_order,^M
                                                                                                 true},^M
                                                                                                {reuse_sessions,^M
                                                                                                 true},^M
                                                                                                {secure_renegotiate,^M
                                                                                                 false},^M
                                                                                                {verify,^M
                                                                                                 "verify_none"},^M
                                                                                                {cacertfile,^M
                                                                                                 "/etc/emqx/certs/chain.pem"},^M
                                                                                                {certfile,^M
                                                                                                 "/etc/emqx/certs/cert.pem"},^M
                                                                                                {keyfile,^M
                                                                                                 "/etc/emqx/certs/key.pem"},^M
                                                                                                {ciphers,^M
                                                                                                 ["ECDHE-ECDSA-AES128-GCM-SHA256",^M
                                                                                                  "ECDHE-RSA-AES128-GCM-SHA256",^M
                                                                                                  "ECDHE-ECDSA-AES256-GCM-SHA384",^M
                                                                                                  "ECDHE-RSA-AES256-GCM-SHA384",^M
                                                                                                  "ECDHE-ECDSA-CHACHA20-POLY1305",^M
                                                                                                  "ECDHE-RSA-CHACHA20-POLY1305",^M
                                                                                                  "DHE-RSA-AES128-GCM-SHA256",^M
                                                                                                  "DHE-RSA-AES256-GCM-SHA384"]},^M
                                                                                                {versions,^M
                                                                                                 ['tlsv1.2']}]},^M

config:

##--------------------------------------------------------------------
## HTTPS Listener

## The port that the Dashboard HTTPS listener will bind.
##
## Value: Port
##
## Examples: 18084
dashboard.listener.https = 18084

## The acceptor pool for external Dashboard HTTPS listener.
##
## Value: Number
dashboard.listener.https.acceptors = 4

## Maximum number of concurrent Dashboard HTTPS connections.
##
## Value: Number
dashboard.listener.https.max_clients = 512
## Set up the socket for IPv6.
##
## Value: false | true
dashboard.listener.https.inet6 = false

## Listen on IPv4 and IPv6 (false) or only on IPv6 (true). Use with inet6.
##
## Value: false | true
dashboard.listener.https.ipv6_v6only = false

## Path to the file containing the user's private PEM-encoded key.
##
## Value: File
dashboard.listener.https.keyfile = /etc/emqx/certs/key.pem

## Path to a file containing the user certificate.
##
## Value: File
dashboard.listener.https.certfile = /etc/emqx/certs/cert.pem

## Path to the file containing PEM-encoded CA certificates.
##
## Value: File
dashboard.listener.https.cacertfile = /etc/emqx/certs/chain.pem

## See: 'listener.ssl.<name>.dhfile' in emq.conf
##
## Value: File
## dashboard.listener.https.dhfile = {{ platform_etc_dir }}/certs/dh-params.pem

## See: 'listener.ssl.<name>.vefify' in emq.conf
##
## Value: vefify_peer | verify_none
dashboard.listener.https.verify = verify_none

## See: 'listener.ssl.<name>.fail_if_no_peer_cert' in emq.conf
##
## Value: false | true
## dashboard.listener.https.fail_if_no_peer_cert = false
## TLS versions only to protect from POODLE attack.
##
## Value: String, seperated by ','
dashboard.listener.https.tls_versions = tlsv1.2

## See: 'listener.ssl.<name>.ciphers' in emq.conf
##
## Value: Ciphers
dashboard.listener.https.ciphers = ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-CHACHA20-POLY1305,DHE-RSA-AES128-GCM-SHA256,DHE-RSA-AES256-GCM-SHA384

## See: 'listener.ssl.<name>.secure_renegotiate' in emq.conf
##
## Value: on | off
dashboard.listener.https.secure_renegotiate = off

## See: 'listener.ssl.<name>.reuse_sessions' in emq.conf
##
## Value: on | off
dashboard.listener.https.reuse_sessions = on

## See: 'listener.ssl.<name>.honor_cipher_order' in emq.conf
##
## Value: on | off
dashboard.listener.https.honor_cipher_order = on

I've commented all the dashboard.listener.http since I don't want to enable non-TLS enabled endpoints.

[HJianBo]

Hi @daenney Which version do you used?

[daenney]

Ah, I should've mentioned that. It's version 4.0.6 of EMQX (the Debian/Ubuntu package).

[alexandrim0]

Hello!
I met the same problem with 4.0.5 (docker).