Try the debugging gateway.jar that i posted in this thread. It will lay out exactly what jml is attempting to do. The only reason an https connection attempt wouldn’t be occurring is if it’s not even getting to that point, perhaps because it isn’t able to communicate over 1863 properly.
That’s the reason why I think there is traffic:
IP myserver@mydomain.com.33966 > mydns.mydomain.com.domain: 11859+ A? login.live.com. (32)
This log entry on my side make me think there’s a DNS request.
IP mydns.mydomain.com.domain >myserver.mydomain.com.33966: 11859 2/4/4 CNAME[domain]
This is the reply from DNS server
IP myserver@mydomain.com.54551 > 65.54.183.203.https: S …
This is the attempt to contact login.live.com but nothing comes back from 65.54.183.203 … There is an attempt to connect but some timeout prevent from receiving any answer.
At last, that are my log entries, which may differ from yours ! You’re maybe pointing another problem if you think that the IM gateway plugin don’t even perform a try to connect to login.live.com …
Hey cgravier, regarding your command line options. Just to see if it works, try https instead of http for those options and see if that happens to do the trick.
F*****k !
I knew it was https in java JVM what the hell was I tinking while testing that ! (regarding the link I give in mail)
That DOES the trick
=D Awesome, good to know. I’ll create a quick document about this for now.
I don’t know what ill side effects there might be from setting that at a global level, so if you wouldn’t mind “try a bunch of stuff” with your openfire server and see if anything looks odd (or at least report back if odd things start occuring)
Did I miss any thing ? Is there a solution ??
At my site there is NO https traffic.
I haven’t the slightest idea what’s going on on your end. I posted a moment ago with some comments about your issue and a suggestion though. Look further back in the thread. =) cgravier’s issue was solved via a java-wide proxy setting.
Yep I’ll try some stuffs. I am already using msn and gtalk gateways and classical openfire settings. It is just running smoothly
As I said earlier, although this is pretty fine workaround, the best would be to modify the https connections at the Java source code level in order to perform https conenction through a proxy that one can set in the admin panel for IM gateways.
But I am aware that this required some times that you may not have, so the workaround is fine for now. If you ever have some time and the will to modify the source code according to the mail I send you, you can contact me if you want to test the result on my server behind a http proxy
Best Regards,
cgravier.
Perhaps you can see what the problem is at my site, wehn you look at my debug output: http://nopaste.debianforum.de/6596
All other gateways i’ve tried work as expected, ICQ, googletalk, AIM, Yahoo, IRC
As said earlier, please install the gateway.jar provided in this thread (page 2 or 3 ?) as it enable more debug output.
Retest and repaste the resulting debug.log, this could help a lot.
Ok, now i got it her is the debug log.
Hope you can help …
Hrm, yeah it’s not even getting to the https part. It sent three things and never got a single response. (all over port 1863, unless you’ve changed that in the admin console) At that point it should literally be talking to exactly what you have in the admin console so that might help with your tcpdump based debugging. =)
The first part is the connectiontest, which succeeds. The second part is the real connection.
13:41:41.013577 172.27.19.2.2982 > 65.54.183.203.443: S 1405510981:1405510981(0) win 5840 (DF)
IS https and is answered too …
I see a lot of at least ACKs going on there so communication appears to be occuring one-way. I would assume your firewall is set up to keep the connection once it’s established, but just in case, would you mind verifying that established connections are allowed back and forth? (ie, your client connects to 1863 on the msn server and communication back from port 1863 is able to make it through). Clearly ACKs are making it. Still, hard to tell what’s really going on without the actual real data to feed into wireshark.
I’Ve captured the traffic and analyzed it with wireshark.
http://img507.imageshack.us/my.php?image=msntm9.png
I recive CVR and a USR request. AFAIK MSN should not send a USR request but WE should … but i don’t know this very mutch …
So as you can see from that log, the https attempt is being made. The USR response comes -after- the https part because the MSN client needs to contact login.live.com via https to get your actual credentials key or ticket which will be tagged onto the USR response. You appear to be running into exactly the same problem that cgravier was having. Does your organization require a proxy for outgoing web traffic?
stupid me … now i got it. finally it works with “-Dhttp…”
one last question: i would prefer to use proxy authentication. is this possible too ? found nothing appropriate …
Proxy authentication will definitely be supported when I implement -real- proxy support. =) I don’t know about this method though. I couldn’t find anything in the docs that talked about it. cgravier, any ideas?
next problem, sorry …
things that work:
-
i can register
-
i see my contacts online
-
others can see me online
-
i can wirte to them
and now the problem: other can write to me but the messages do not show up at my site.
Solved: i’ve “downgraded” to the original gateway.jar - with this one every thing works as expected. The problem was the debunging version of the jar.