powered by Jive Software

Authentication issu in openfire 4.1.4

Hello jive community

i hope you all are wale

I am a new user in jive community. currently i have setup open fire 4.1.4 in Ubuntu 14.04 desktop 64 bit OS for internal chat server.

I have download tar.gz file from official link and extract in /var/www/html/ folder. than i have access open fire by port 9090.

Than i have follow steps and i have create database in MySQL and all steps finish.

Than i have login in open fire and create two users its login success fully.

But problem is when i send request one user to second user for authentication so second user do not get any request from one user.

so any one can help me for solve this problem.

Your reply is very help full for me

also sorry for my bad english

Thanks in advance.

Do you login with clients on the same PC where server is installed? What clients do you use? What do you put into Domain field in the clients?


first thanks for reply

Yes i have login in server system by client.

I have use pidgin but when its not work than i have install spark 2_5_8 but it’s not work.

I have put in IP address of server in client in domain field.


First of all, do not use such an ancient version of Spark. 2.8.3 is the latest version.

IP address shouldn’t be used to login to xmpp server. You should use the domain. Same domain as it is shown on the home page of the Admin Console (XMPP Domain Name).


I have follow steps which you told me but now this error is come.

Error : Unknown connection error.please review the logs for more information

Also i have attache screen short.

Screenshot from 2017-05-10 13^%18^%15.png


Check Spark logs. Should be in $HOME/.Spark/logs


May 10, 2017 1:20:03 PM org.jivesoftware.spark.util.log.Log warning

WARNING: Exception in Login:

org.jivesoftware.smack.SmackException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed

at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPC onnection.java:1029)

at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPCon nection.java:956)

at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnecti on.java:971)

at java.lang.Thread.run(Thread.java:748)

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed

at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)

at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)

at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)

at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)

at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1514)

at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)

at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)

at sun.security.ssl.Handshaker.process_record(Handshaker.java:961)

at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)

at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)

at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)

at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)

at org.jivesoftware.smack.tcp.XMPPTCPConnection.proceedTLSReceived(XMPPTCPConnecti on.java:768)

at org.jivesoftware.smack.tcp.XMPPTCPConnection.access$1000(XMPPTCPConnection.java :139)

at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPC onnection.java:1022)

… 3 more

Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed

at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:352)

at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:260)

at sun.security.validator.Validator.validate(Validator.java:260)

at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)

at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:22 9)

at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.j ava:124)

at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1496)

… 13 more

Caused by: java.security.cert.CertPathValidatorException: signature check failed

at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterC ertPathValidator.java:135)

at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValid ator.java:219)

at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValid ator.java:140)

at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPat hValidator.java:79)

at java.security.cert.CertPathValidator.validate(CertPathValidator.java:292)

at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:347)

… 19 more

Caused by: java.security.SignatureException: Signature does not match.

at sun.security.x509.X509CertImpl.verify(X509CertImpl.java:424)

at sun.security.provider.certpath.BasicChecker.verifySignature(BasicChecker.java:1 66)

at sun.security.provider.certpath.BasicChecker.check(BasicChecker.java:147)

at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterC ertPathValidator.java:125)

… 24 more

Thats logs created

I read this but i don’t understand.


What Java version do you have installed on the system? It is better to use Oracle’s latest Java 8. But i’m not sure if you can have this on Debian. Debian is not very good for users. I only use Windows, so it is hard to suggest anything. Maybe you can install client on some Windows PC.


In my server oracle java is installed.

"ubuntu@ubuntu:~$ java -version

java version “1.8.0_131”

Java™ SE Runtime Environment (build 1.8.0_131-b11)

Java HotSpot™ Client VM (build 25.131-b11, mixed mode)"

I have check in windows spark give me same error but by pidgin users are login.

But issue is users are send authentication request to other user that request not send.

so what is a issue is there its a client issue or server issue


On Windows you install the full version of Spark (with JRE included)? Go to C:\Users\username\AppData\Roaming\Spark\logs\ zip all the logs and attach here. Use advanced editor in the corner of message window to attach files here.

You are able to login when using IP address, but other things don’t work as IP usage is not allowed in XMPP/Jabber. Once you will be able to login using your xmpp domain, then authorization requests will work. But domain that you have specified during Openfire installation has to be resolvable/routable in the network.


first sorry for late reply.

I have install spark 2.8.3 in windows and than login in so i got error which i have attach here by name “capture.png”.

Also i have attach log file which you want.


warn.log.0.zip (1115 Bytes)

This error happens because domain in the SSL certificate is not matching the domain you are trying to login to. I see that you are trying to login to domain “ubuntu”. But is this name added into your DNS in the network, can you ping “ubuntu”? Probably not. You can’t just specify any name for a domain and expect it magically work without adding required network entries.

In Admin Console go to TLS/SSL Certificates menu and press on the first Manage Store Contents link. What name do you see for the certificates there? Is it ubuntu (ubuntu_dsa), ubuntu (ubuntu_rsa)? If so, then you have to login using ubuntu as domain and then there won’t be that error “Unable to verify certificate”. Of course, you will probably receive another error as “Unknown connection error” because “ubuntu” is not known in your network. You can still put ubuntu as Domain in Spark, but on the Advanced menu uncheck Host and put your server’s IP there. Also check the “Accept all certificates” option.

Btw, next time zip all the logs in the logs folder and attach, not just one warn.log.0 file. Unless there was only this one file there.


openfire 4.1.4 working for me. I have use spark 2.5.8 than working.

Now my question is its only work with spark no any other client support?

And second is when i go for monitoring of client Chet so give me error “archive inbox rebuild failed”

so what is a issue is there.


If you want to use such old version, then it’s your choice. Just don’t ask support questions about 2.5.8. It’s not supported here.

Other clients should work when everything is setup and configured properly. If some client doesn’t work it’s most probably because of the same reason why new version of Spark doesn’t work for you.

If you have other unrelated questions, it is better to start another topic. That error about index is only a visual glitch as far as i know, but i’m not using Monitoring plugin myself. Error in Monitoring Plugin " Archive Index rebuild failed. "