For various network security reasons, I need to allow SSL connections to my v1.1 Messenger server on both the standard (5223) SSL port as well as port 443 (usually reservered for HTTPS connections).
I have tried various changes to the jive-messenger.xml file, but no matter what, I can only configure the server to listen on one non-SSL port and one-SSL port.
Here is a ‘‘standard config’’:
true
5222
true
82.165.246.93
5223
JKS
security/keystore
changeit
changeit
Here is an attempt to specify two servers:
true
5222
true
82.165.246.93
5223
JKS
security/keystore
changeit
changeit
true
82.165.246.93
443
JKS
security/keystore
changeit
changeit
But after restarting the server, it only registers a listener on port 5223.
Here is an attempt that uses two elements:
true
82.165.246.93
5223
443
JKS
security/keystore
changeit
changeit
but again, the server only listens on the 5223 port.
I have also tried duplicating the entire section, as well as the entire section.
I’'m considering just running two instances of the server, both connecting to a single database. Does anyone have a different suggestion?
Playing around with various jive-messenger.xml configurations, I’‘m fairly convinced this isn’'t going to be easy.
Can anyone think of a reason why running multiple jive server instances (one listening on 5222,5223, the other on 80,443) connecting to one database would cause problems?
Does jive-messenger.xml do any write-caching in the application layer that could lead to database inconsistencies and the like?
I know that the core Messenger codebase supports listening on almost any combination of ports and interfaces. However, this may not be exposed through the config file at the moment. As soon as 2.0 is out (next week), we’'ll take a look at this issue and try to get a quick fix in.
Well, after discovering that the pathname to the ‘‘jive-messenger.xml’’ file must be hard-coded in a binary file of some sort, I decided to just duplicate my entire jive-messenger installation directories.
So I now have:
/opt/jive-messenger <-- listening on 80/443
/opt/jive-messenger2 <-- listening on 5222/5223
So far, it doesn’'t seem to be causing any problems. I have the admin web server on enabled in the 80/443 server config file.
I’'ll report back later if I come across any problems (besides memory consumption) with this kind of configuration.