Certificate problems...client doesn't see change in certificate

Paul_Keser · March 13, 2008, 3:53pm

I am settiing up a proof of concept OpenFire 3.45 server running on Ubuntu Gutsy. Before we integreate with our LDAP & Shibboleth infrastructure I need to find a configuration that if the server certificate changes the client will notify the user of the change in certificate.

When I used Spark or Pidgin I connect fine but when I change the cert it still connects and there is no indication of a change in cert. When I use https to connect to the management interface I do see a warning about the change in cert. I tried using PSI and as soon as I turn on SSL PSI breaks.

Finally I tried using SparkWeb and I get a 404 error:

HTTP ERROR: 404

NOT_FOUND

RequestURI=/

Powered by Jetty://

I am new to OpenFire and previously have only used Jabber/Pidgin as a user. Any suggestions and troubleshooting tips would be greatly appreciated. This is not in production so I have no problem running 3.5rc1 if that would make any difference.

Thanks

-PaulK

akrherz · March 18, 2008, 6:17pm

Hi PaulK,

Your question is probably better answered on the client forums for Spark or Pidgin. Speaking for Pidgin, it doesn’t have much for SSL cert management. i thought there was a SOC project for it at some point, but not sure what happened with that.

daryl

NO_MESSAGES_OR_FRIEN · March 18, 2008, 6:37pm

The client should not care if the SSL cert changes. It could be that psi does not use the current SSL method you may have to change a setting in the application to use old SSL. As for sparkweb you need to be running the enterprise version of openfire to use sparkweb.