I have a working Openfire setup for version 4.9.2.
I’m using the default Embedded Database HSQLDB.
I can get mobile clients connected using the current version of Conversations to connect.
If i reboot the server for updates, upon reboot, all clients lose connection. I can log into the web admin console with no issues but client connections no longer work.
Any help would be greatly appreciated
…I’m running Ubuntu 24.04
Sorry to hear that! There’s not a lot of information that we can use to help you. Can you please evaluate the log files of Openfire and your operating system, to see if they hold any clues? Can you use a tool like netstat to verify that Openfire is listening on the TCP ports that Openfire uses (like 5222 and 5269 by default)?
i’ve checked and see it listening on the correct ports (i.e. 5222/5223). In the logs i do see one thing of note:
2024.11.25 15:20:50.267 #[33mWARN #[m [socket_c2s-thread-8]: org.jivesoftware.openfire.nio.NettyXMPPDecoder - Error occurred while decoding XMPP stanza, closing connection: NettyConnection{peer: /IP:46482, state: OPEN, session: LocalClientSession{address=domain dot com/e6719fef-b069-4444-9903-b389c2a49eea, streamID=236ppv3st5, status=CONNECTED, isEncrypted=false, isDetached=false, serverName='domain dot com', isInitialized=false, hasAuthToken=false, peer address='ip', presence='<presence type="unavailable"/>'}, Netty channel handler context name: NettyClientConnectionHandler#0}
<stream:error xmlns:stream="http://etherx.jabber.org/streams">
<internal-server-error xmlns="urn:ietf:params:xml:ns:xmpp-streams"/>
<text xmlns="urn:ietf:params:xml:ns:xmpp-streams">An error occurred in XMPP Decoder</text>
</stream:error>
2024.11.25 15:20:50.267 #[30mTRACE#[m [socket_c2s-thread-8]: org.jivesoftware.openfire.nio.NettyConnection - Flushed any final bytes, closing connection.
2024.11.25 15:20:50.267 #[30mTRACE#[m [socket_c2s-thread-8]: org.jivesoftware.openfire.nio.NettyConnection - Notifying close listeners.
2024.11.25 15:20:50.267 #[36mDEBUG#[m [socket_c2s-thread-8]: org.jivesoftware.openfire.SessionManager - Closing session with address domain dot com/e6719fef-b069-4444-9903-b389c2a49eea and streamID 236ppv3st5 does not have SM enabled.
2024.11.25 15:20:50.267 #[30mTRACE#[m [socket_c2s-thread-8]: org.jivesoftware.openfire.spi.RoutingTableImpl - hasClientRoute() invoked with a JID that's not a full JID: domain dot com/e6719fef-b069-4444-9903-b389c2a49eea
2024.11.25 15:20:50.267 #[36mDEBUG#[m [socket_c2s-thread-8]: org.jivesoftware.openfire.spi.RoutingTableImpl - Removing client route domain dot com/e6719fef-b069-4444-9903-b389c2a49eea
2024.11.25 15:20:50.267 #[30mTRACE#[m [socket_c2s-thread-8]: org.jivesoftware.openfire.spi.RoutingTableImpl - Removing client route domain dot com/e6719fef-b069-4444-9903-b389c2a49eea from local routing table
2024.11.25 15:20:50.267 #[30mTRACE#[m [socket_c2s-thread-8]: org.jivesoftware.openfire.spi.LocalRoutingTable - Remove local route '(null)' (for pair: '{ -> domain dot com/e6719fef-b069-4444-9903-b389c2a49eea}') not removed (was not present).
2024.11.25 15:20:50.267 #[30mTRACE#[m [socket_c2s-thread-8]: org.jivesoftware.openfire.nio.NettyConnection - Finished closing connection.
2024.11.25 15:20:50.268 #[1;31mERROR#[m [socket_c2s-thread-8]: org.jivesoftware.openfire.nio.NettyConnection - Problem during connection close or cleanup
javax.net.ssl.SSLHandshakeException: Empty client certificate chain
It seems that Openfire is rejecting the client connection, because it is not offering a certificate when logging in. This typically is optional. I wonder why your environment requires it. Have you perhaps required mutual authentication for client connections? What happens if you disable that (or make it optional)? You can find the setting in the admin console, under Server → Server Settings → Client Connections → Advanced Configuration
DOH! I had it on ‘Needed’.
Switching to ‘Wanted’ fixes the issue; did a reboot to be sure.
Love it when a fix is just a simple mouse click.
Thanks so much!!!
1 Like