Openfire and SSL

After lots of struggle, I have managed to enable SSL on the Openfire server. I am able to connect to the admin console on the secure port, and users can communicate on port 5222 with the “Requires encryption” option.

While connecting through port 5223 with the “Requires encryption” option, I am getting an “XML Parse error” in Pidgin. I am pasting the error logs too.

What is the best way to secure communication in Openfire? Can anyone suggest a blog or article on that?

=================

Error from pidgin

(00:38:04) jabber: Recv (7):
(00:38:04) jabber: XML parser error for JabberStream 0x8acfa70: Domain 1, code 4, level 3: Document is empty
(00:38:04) jabber: Recv (433): <?xml version='1.0' encoding='UTF-8'?><stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" from="admin.xxxxxxx.com" id="50b7d76" xml:lang="en" version="1.0">stream:featuresDIGEST-MD5PLAINCRAM-MD5</stream:features>
(00:38:04) jabber: xmlParseChunk returned fatal 4
(00:38:04) connection: Connection error on 0x8aeb048 (reason: 0 description: XML Parse error)
(00:38:04) account: Disconnecting account test1@admin.xxxxxxx.com/ (0x825acd0)
(00:38:04) connection: Disconnecting connection 0x8aeb048

====================

/opt/openfire/logs/info.log

2015.02.05 13:08:14 org.jivesoftware.openfire.nio.ConnectionHandler - ConnectionHandler reports IOException for session: (SOCKET, R: /XXX.XXX.XX.XXX:13197, L: /XX.XX.XXX.XXXX:5223, S: 0.0.0.0/0.0.0.0:5223)
javax.net.ssl.SSLHandshakeException: SSL handshake failed.
    at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:416)
    at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
    at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
    at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
    at org.apache.mina.common.support.AbstractIoFilterChain$HeadFilter.messageReceived(AbstractIoFilterChain.java:499)
    at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
    at org.apache.mina.common.support.AbstractIoFilterChain.fireMessageReceived(AbstractIoFilterChain.java:293)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.read(SocketIoProcessor.java:228)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.process(SocketIoProcessor.java:198)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor.access$400(SocketIoProcessor.java:45)
    at org.apache.mina.transport.socket.nio.SocketIoProcessor$Worker.run(SocketIoProcessor.java:485)
    at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
Caused by: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
    at sun.security.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:171)
    at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:845)
    at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:758)
    at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
    at org.apache.mina.filter.support.SSLHandler.unwrap0(SSLHandler.java:668)
    at org.apache.mina.filter.support.SSLHandler.unwrapHandshake(SSLHandler.java:624)
    at org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:503)
    at org.apache.mina.filter.support.SSLHandler.messageReceived(SSLHandler.java:306)
    at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:392)
    … 14 more

Any help would be greatly appreciated.

Why do you need to use port 5223? It is an obsolete port for old SSL. You should only use 5222 for either encrypted or unencrypted connections.
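The thread above contrasts the legacy SSL port (5223, where TLS starts immediately) with port 5222 (where the stream opens in plaintext and is upgraded with STARTTLS). The following is an added example, not code from either poster or from Openfire: it classifies the first bytes a client sends and reports the mode mismatch that produces "Unrecognized SSL message, plaintext connection?". The function names, mode labels, and sample bytes are constructed for illustration.

```python
import struct

# TLS record content types (first byte of every TLS record).
TLS_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}

# Constructed sample inputs (not captured from the poster's server).
CLIENT_HELLO = b"\x16\x03\x01\x00\xc8\x01\x00\x00\xc4\x03\x03"   # start of a TLS ClientHello
TLS_ALERT = b"\x15\x03\x03\x00\x02\x02\x28"                      # 7-byte fatal alert record
STREAM_HEADER = (b"<?xml version='1.0'?><stream:stream to='example.org' "
                 b"xmlns='jabber:client' "
                 b"xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>")

def classify_first_bytes(data: bytes) -> str:
    """Return 'tls:<record type>', 'xmpp-plaintext' or 'unknown' for an initial read."""
    if len(data) >= 5:
        ctype, major, minor, length = struct.unpack("!BBBH", data[:5])
        # A TLS record header is type, version 3.x, then a 16-bit length.
        if ctype in TLS_TYPES and major == 3 and minor <= 4 and length <= 2**14 + 2048:
            return "tls:" + TLS_TYPES[ctype]
    text = data.lstrip()
    if text.startswith(b"<?xml") or text.startswith(b"<stream:stream"):
        return "xmpp-plaintext"
    return "unknown"

def diagnose(port_mode: str, client_first: bytes) -> str:
    """port_mode is 'direct-tls' (legacy 5223 style) or 'starttls' (5222 style)."""
    seen = classify_first_bytes(client_first)
    if port_mode == "direct-tls" and seen == "xmpp-plaintext":
        return "mismatch: plaintext stream header sent to a direct-TLS port"
    if port_mode == "starttls" and seen.startswith("tls:"):
        return "mismatch: TLS started immediately on a STARTTLS port"
    if seen == "unknown":
        return "unknown: neither an XMPP stream header nor a TLS record"
    return "ok"

if __name__ == "__main__":
    for mode in ("direct-tls", "starttls"):
        for name, data in (("stream header", STREAM_HEADER), ("ClientHello", CLIENT_HELLO)):
            print(f"{mode:10} <- {name:13}: {diagnose(mode, data)}")
```
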