New to the forum here but our company seems to be having an issue with connection. There are two servers that we must have Spark connect to. One being our own internal Openfire Server and the other being our outsourced call center’s server. We are able to connect to spark locally with a mix of versions of the spark client (2.6.3, 2.7.1, 2.8.1, 2.8.3). However the moment we switch the to the IP of our outsourced call center we my encounter a login error depending on the version of the client. See below:
Version
2.6.3 - OK
2.7.1 - OK
2.8.1 - Unable to verify certificate error
2.8.3 - Unable to verify certificate error
On the versions with the error I check the “Accept all certs” and “Disable hostname verification”. When I attempt to log in again I receive the login error “invalid username or password”. I know these credentials are right as 2.6.3 and 2.7.1 work just fine with the same info. Can anyone shed some light on this? It works just fine on the older versions of the client.
Openfire Versions
Locally - 4.1.0
Outsourced Call Center - 3.9.2
I was attempting to find a compatibility list for spark / openfire but couldn’t seem to find it. Could it be the call center’s older Openfire server is too hold to handle the newer client? What do you guys think?
your outbound server that’s using 3.9.2 is likely trying to authenticate using iq auth. IQ Auth, which has been removed in openfire 4.x and in Spark 2.8.x. Id recommend upgrading openfire to the latest build. If you can not do that, then you’ll need to use a sasl auth mech. check your system properties for sasl.mechs. what options do you have listed there?
Are you putting IP into Domain field in Spark? What happens if you put the call center’s domain name in there and put the IP into Host field on the Advanced settings?
There is another issue in the fold here. The other server is technically not our own so we do not have much say in changing the auth mech. Is there anything I can actually do with the client software? If not I will have to downgrade our office’s PC’s to something below Spark 2.8. Perhaps the server may help with that though.
Unfortunately the other part of this equation is that it is across a site to site VPN with two separate domains. It seems as if this isn’t possible especially since we are unable to change Openfire 3.9.2 to something newer. I can only downgrade the software unless there is a way to modify the client. I cannot even ping the FQDN of the server on the otherside. Thus we need to use the IP address.
What i am suggesting is not a change of auth mechanism, but rather a way of providing the same auth. But the right way. IP shouldn’t be put into Domain field. It is called Domain for that reason. If you can’t find out your outsourced server’s domain name (not server’s FQDN), then i’m afraid using 2.7.7 version of Spark is your only option. Release Spark 2.7.7 · igniterealtime/Spark · GitHub