Cannot make server to server connection-help

hi, thanks for sticking with this. i have it enabled on both servers. i have a whitelist (a testing step) but originally, i was allowing all connections, did not make a difference

hi, can you tell me where you guys are with the fixes for s2s ? I think I am having this issue.

thanks

Sorry for the late response. All of those fixes are in 4.4.4. Did any of them fix your issue?

Guus, sorry for going dark…in short, no, site to site broke after my upgrade from 4.21 to 4.3 and has never worked since. i am on latest 4.4.4.1 on both ends. the indicators are confusing. the test succeeds from a to b, but not b to a.
I saw another note that you are completely rewriting the s2s code? if so, when will that be out? If you want to see my logs, just let me know.

thanks

Any update on this? I am not able to do Openfire to Openfire (s2s). I have tried everything even with no encryption. It just seems broken. I can do s2s to prosody and jabber.org. I have no issues with those. Just seems to be talking to another Openfire server.

UG! No! I have not been able to get S2S to work and I am on current 4.5.1…I am pulling my hair out!

I guess no one supports this product. I have tried a few times to get it working. I will just stay with prosody. It is a shame. I love the interface and features, but important things like push to IOS and server to server are broken. No way to get developers to look. So hopefully in the future they will fix it, but until then I am staying with what works.

I am beging to think it has something to do with the truststores. I think the s2s is not using the server identity from the client.truststore. I did some checking and I can’t seem to get it to pass validation when testing from: https://xmpp.net/

But even when I disable encryption on both sides I can’t get it to work. So I am at a loss where the true issue is.
Also, the push notification plugin they wrote I can’t get to work either. My guess linked to SSL again.

I figured it out: Openfire to Openfire (s2s) not working

There are some people who offer their free time to help others at no cost. But of course this means there are no guarantees of service of any sort.

If that sort of guarantee is important to you, feel free to engage one of the professional partners listed at Ignite Realtime: Support - Professional Partners

Greg

1 Like

Unfortunately, this is not my issue, I am using java 1.8 and still no S2S!
Java Version: 1.8.0_242 Oracle Corporation -- OpenJDK 64-Bit Server VM

Anyone Else have any Ideas??

as a test, would you mind rolling java back to 8u221?

1 Like

hi, i would be willing to try that…but i am not sure how to do it…these are installed on centos7…can you point me in the right direction?

A post was merged into an existing topic: Connection error connecting from another computer

hi, i see this topic was merged with another…but I am pretty sure they are not the same issue. I think I have my dns right and I am think this is some kind of ssl issue. can you please explain how (if at all) you want me to proceed?

thanks a ton!

I’m not familiar enough with centos 7, but some update to java in u231 and u241 made changes to crypto and security. Id be curious to see if that is the cause or not.
https://www.oracle.com/technetwork/java/javase/8u-relnotes-2225394.html

It wasn’t merged, just some idiot posting his requests to the first topic on the list… I have moved his message to his own thread and that’s why you see this system message above.

ok, got it, thanks!

Tonyg: What SSL certs are you using? I did find that you must load them in a certain way to get S2S to work correctly. Load your domain cert and intermediate certs into the keystore at the same time. paste the main cert then intermediate next. Then in the Truststore add the ca-bundle for the cert. This will allow the S2S to work. I also found java 8 works fine. Java 11 didn’t work.

But now push notifications for IOS don’t work. I have worked with the dev from Monal and it seems it is the plugin, so likely just a bug. I am going to see if anyone else has it working.

IOscanner, I will try adding the cert in the way you suggest and let you know
thanks

all, this thread was getting long and had gone down many paths, i thought it might be better to start fresh. i am still having the issue. please refer to this new post with new information

any help is appreciated