powered by Jive Software

Openfire not going through all TLS certificates


#1

I was testing account creation issue in Spark, so i have setup a test server with name 127.0.0.1. Then i reran the setup and named it testop. I then tried to login in Spark 2.8.1 into testop domain (i had IP address 127.0.0.1 in the Advanced settings) and got the error “Certificate hostname verification failed”. This error is shown when there is a mismatch between server’s certificate domain and domain you are trying to login to. Then i went into TLS store and deleted old 127.0.0.1 certificates leaving only new testop certificates in place. I then was able to login in Spark. So, it looks like Openfire was still checking against older certificates. Not sure what would be a correct behavior, but that was confusing as correct certificates were already in place, but Openfire was still checking against older 127.0.0.1 certificates.

Was using 4.1.0 alpha.


#2

That’s with the self-signed certificates produced by Openfire itself.


#3

As i’m not getting attention here, i have filed the ticket in JIRA OF-1218