We're updating the issue view to help you get more done. 

TLS server to server connections are not working with 3.9.2

Description

Something is not working with server 2 server connections. Even igniterealtime's openfire instance is having troubles. Finding exact logs with the failure has not been fruitful yet.

Environment

None

Acceptance Test - Entry

None

Activity

Show:
Daryl Herzmann
May 5, 2014, 6:35 PM

Attempting to debug I see this in the debug logs, still boggling

Daryl Herzmann
May 5, 2014, 6:50 PM

Another fun log message while attempting to debug

Tom Evans
May 5, 2014, 10:36 PM

FYI - I am looking closer at the modified exception handling in this commit:
https://github.com/igniterealtime/Openfire/commit/0d5d58677b49bb2c18a4e5ab24b5907e1ddd27b2

Tom Evans
May 5, 2014, 11:13 PM
Edited

After tweak for exception handling, now seeing this:

2014.05.05 18:05:47 org.jivesoftware.openfire.net.SocketReadingMode - Error while negotiating TLS: org.jivesoftware.openfire.net.SocketConnection@2880efbf socket: Socket[addr=/204.93.66.11,port=37019,localport=5269] session: org.jivesoftware.openfire.session.LocalIncomingServerSession@2b218e8f status: 1 address: igniterealtime.org/5affdb24 id: 5affdb24
javax.net.ssl.SSLException: Unsupported record version Unknown-47.115
at sun.security.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:116)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:845)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:758)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at org.jivesoftware.openfire.net.TLSStreamHandler.doHandshake(TLSStreamHandler.java:222)
at org.jivesoftware.openfire.net.TLSStreamHandler.start(TLSStreamHandler.java:168)
at org.jivesoftware.openfire.net.SocketConnection.startTLS(SocketConnection.java:182)
at org.jivesoftware.openfire.net.SocketReadingMode.negotiateTLS(SocketReadingMode.java:85)
at org.jivesoftware.openfire.net.BlockingReadingMode.readStream(BlockingReadingMode.java:138)
at org.jivesoftware.openfire.net.BlockingReadingMode.run(BlockingReadingMode.java:76)
at org.jivesoftware.openfire.net.SocketReader.run(SocketReader.java:137)
at java.lang.Thread.run(Thread.java:745)

Daryl Herzmann
May 6, 2014, 1:21 AM

I reverted the patch for and igniterealtime's Openfire appears happier now, will reopen that ticket

Assignee

Tom Evans

Reporter

Daryl Herzmann

Labels

Expected Effort

None

Ignite Forum URL

None

Components

Fix versions

Affects versions

Priority

Blocker
Configure