Java exceptions when attempting SSL connections

Hi All,

I have a developer engaged who is building an XMPP client using the Smack library. We are seeing errors generated when attempting to connect from the prototype client, but only on a specific platform. I would really be grateful if someone could offer me some pointers as to what is going wrong here. I can obtain portions of his code or any debug/log output if it helps.

First, I have two test Openfire servers. Both are running Openfire 3.7.1, both are on JDK6 Update 37 and both are on the same private network.

One Openfire server is running on Ubuntu 12.04 LTS. The other is running on OpenIndiana oi_151a7 (which is based on an Illumos kernel for anyone interested). The settings for both servers have been manually duplicated, in particular, setting the “SSL Enabled” setting to “Disabled”.

The prototype client is running on Mac OS 10.8.3, connected to the same wired private network. DNS is not being used.

On attempting to connect to the Ubuntu-hosted Openfire server, the client will connect straight away, with no errors.

On attempting to connect to the OpenIndiana-hosted server, the client will not connect, and the attached error is generated in Openfire.

For the search engines, the relevant errors appear to be:

“org.jivesoftware.openfire.nio.ConnectionHandler - Could not parse key values”

“java.lang.RuntimeException: Could not parse key values”

“Caused by: java.io.IOException: extra data given to DerValue constructor”

In both Openfire servers (in spite of the SSL socket being disabled), the certificate installed is simply the one automatically generated on first-run of Openfire.

In all cases, connecting from Spark 2.5.8, Adium, Pidgin etc. to the OpenIndiana-hosted server all works fine. So, it looks like there might be something platform-specific which we have not accounted for in the code - as to what that is, any suggestions would be hugely appreciated.

Cheers,

Dave
OpenfireErrorLog.txt.zip (1036 Bytes)

Bump - anyone have any pointers on this one?

Cheers,

Dave