powered by Jive Software

3.9.2 - Secure S2S is broken on Centos 6.5 (tested on i386 and x86_64, .rpm)

Here is a lot of problems, and all of this dance around rsa and dsa certificates.

All tests were conducted on a centos minimal, created a special for openfire deployment - so, any software conflict is impossible.

Without TLS\SSL openfire’s s2s works fine, but, if i on “Accept self-signed certificates. Server dialback over TLS is now available.” - we got a problems:

Incoming secure connections works fine - server handles them correctly , and I get the messages.

But outgoing - cause errors such as “404 not found” and “Handshake Error”. And we can conclude that the problem in the algorithm of outgoing secure connection or handler certificates.

I tried to install my self-signed certificates(via import), but in this case I only get an additional error - “certificate does not belong to a domain .”

I tried to sign my certificate using a query that gave me openfire - signed certificate was sucessfully installed, but it did not solve the problem.

Looks like that we have global outgoing secured connetcion issue. I test it with 15 servers, including jabber.org

In 3.9.1 this problem in not presented, so i downgraid it(centOS x86_64 - all fine, .rpm)

If nobody have an idea about this - at next week i will try to compare 3.9.2\3.9.1 sources and find a problem + give solution…

I have raised OF-787 on this, any code help you can provide would be very much appreciated.