Openfire fails to verify chained certificates

Description

(3:52:24 PM) jdev@conference.jabber.org/seth: sorry to privmsg you, but I was hoping I could get your help on what looks like an openfire issue. Do you have a minute to chat?
(3:54:28 PM) Guus: hi
(3:54:34 PM) jdev@conference.jabber.org/seth: hi
(3:54:48 PM) Guus: actually, I'm very busy :/
(3:54:58 PM) jdev@conference.jabber.org/seth: yes
(3:54:59 PM) jdev@conference.jabber.org/seth: http://community.igniterealtime.org/thread/42845
(3:55:06 PM) jdev@conference.jabber.org/seth: intermediate (chaining) certs
(3:55:15 PM) jdev@conference.jabber.org/seth: ignore my emails
(3:55:16 PM) jdev@conference.jabber.org/seth: yeah
(3:55:31 PM) jdev@conference.jabber.org/seth: the emails were when I thought this issue was related to another - it's not - I spent last week testing it
(3:55:49 PM) jdev@conference.jabber.org/seth: the problem is when the certfile presented to openfire has more than one cert in it. Openfire drops the tls connection
(3:56:01 PM) Guus: ah
(3:56:08 PM) Guus: that might explain some issues that I've been seeing
(3:56:27 PM) jdev@conference.jabber.org/seth: I have a godaddy cert which requires 3 intermediates
(3:56:41 PM) jdev@conference.jabber.org/seth: When I bundle them, openfire to prosody fails.
(3:56:52 PM) jdev@conference.jabber.org/seth: when I use just my cert (get rid of the other intermediates), it works
(3:57:01 PM) jdev@conference.jabber.org/seth: BUT then the clients complain because the chaining is broken
(3:58:25 PM) jdev@conference.jabber.org/seth: I also tried all the (documented) available options.
(3:58:37 PM) Guus: I'm terribly busy at the moment
(3:58:44 PM) jdev@conference.jabber.org/seth: ok
(3:58:44 PM) Guus: I'll copy/paste this conversation in a new JIRA issue
(3:58:48 PM) Guus: and figure it out later, ok?
(3:59:09 PM) jdev@conference.jabber.org/seth: thanks. yeah. This is a bit important to me, so any attention you could give it would be greatly appreciated. Thank you very much.
(3:59:26 PM) Guus: I'm always happy to accept patches
(3:59:43 PM) jdev@conference.jabber.org/seth: I don't know java at all. If openfire were written in python, ...

Environment

None

Activity

Rene Voegeli February 3, 2015 at 5:34 PM

@Daryl: Thank you. I "downgraded" to the beta, and the fix for this issue is still working for me (as expected).

Still having my SSL problem, though. :/ Could you have a look at my forum post? Maybe post an issue in the tracker?

Cheers,
Rene

Daryl Herzmann February 2, 2015 at 2:06 PM

@Rene, sorry about that. While I fixed the file name, I failed to upload that fixed name to S3, so that is why the download would fail. I uploaded it on Sunday and verified that the download works now.

Neustradamus February 1, 2015 at 2:16 PM

nice with the latest nightly (not the beta)

Rene Voegeli February 1, 2015 at 12:04 PM

In the meantime I'm happy to call this issue here fixed for me with the latest nightly. Looks like the server-to-server connection was established successfully.

Rene Voegeli February 1, 2015 at 11:37 AM

Hi Daryl,

no worries. The deb package is showing up; however, I get a 404 error when I try to download it:
<Error><Code>NoSuchKey</Code><Message>The specified key does not exist.</Message><Key>openfire/openfire_3.10.0.beta_all.deb</Key><RequestId>C95AD7DD55F1E9CB</RequestId><HostId>Ty7uSaryXbE1nMK4IlwA2oM5nA2WiYSbLA8bZmpHBV9+Pnp/CkytdQyWAIpATH7v</HostId></Error>

I'm testing with the nightly now to reconstruct my SSL handshake problem and post an issue in the forums.

Cheers,
Rene

Fixed

Details

Created September 27, 2010 at 2:00 PM
Updated October 28, 2020 at 1:26 PM
Resolved January 21, 2015 at 8:41 PM