powered by Jive Software

Port problems conections Smack 4.1.3 and open Fire 3.10.2

Hello,

First of all thanks in advance for trying to help me with this problem.

I’m making a client with xmpp with Smack 4.1.3 and Openfire 3.10.2, I can connect with the client on port 5223 but I can’t on 5222.

The code is:

SSLContext ctx = null;

try {

ctx = SSLContext.getInstance(“TLS”);

} catch (NoSuchAlgorithmException e) {

e.printStackTrace();

}

try {

ctx.init(null, new TrustManager[]{new TrustAll()}, null);

} catch (KeyManagementException e) {

e.printStackTrace();

}

/////////

//Config Connection

XMPPTCPConnectionConfiguration.Builder config = XMPPTCPConnectionConfiguration.builder();

config.setSecurityMode(ConnectionConfiguration.SecurityMode.ifpossible);

config.setUsernameAndPassword(“user”, “pass”);

config.setServiceName(“raspberrypi”);

config.setHost(“192.168.0.199”);

config.setPort(5222);

config.setDebuggerEnabled(true);

config.setSocketFactory(ctx.getSocketFactory());

mConnection = new XMPPTCPConnection(config.build());

try {

//Conectamos al servidor

mConnection.connect().login();

System.out.println("It is Connected? "+ mConnection.isConnected());

} catch (SmackException | IOException | XMPPException e) {

e.printStackTrace();

}

In the server i have the next self certificates and the configuration for connection is:

Captura de pantalla 2015-08-10 a las 15.16.08.png

Captura de pantalla 2015-08-10 a las 15.17.25.png

We try to connect, but the next error shows up:

javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0xb9cfaae0: Failure in SSL library, usually a protocol error

08-10 13:19:10.573 23246-23263/com.pere.xm W/System.err﹕ error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol (external/openssl/ssl/s23_clnt.c:766 0xaee025e1:0x00000000)

I’ve checked with openssl the port 5223 response with protocol but port 5222 not response:

pi@raspberrypi ~ $ openssl s_client -connect 192.168.0.199:5223

CONNECTED(00000003)

depth=0 CN = raspberrypi

verify error:num=18:self signed certificate

verify return:1

depth=0 CN = raspberrypi

verify return:1


Certificate chain

0 s:/CN=raspberrypi

i:/CN=raspberrypi


pi@raspberrypi ~ $ openssl s_client -connect 192.168.0.199:5222

CONNECTED(00000003)

3069367504:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:774:


no peer certificate available


No client certificate CA names sent


SSL handshake has read 7 bytes and written 298 bytes


New, (NONE), Cipher is (NONE)

Secure Renegotiation IS NOT supported

Compression: NONE

Expansion: NONE


Please, any help to solve the problem, and succes on connect safley on port 5222-

Thanks everyone!.

Remove the setSocketFactory(ctx.getSocketFactory()); when connecting to port 5222 and use setSecurityMode(required) instead.

Thanks for the answer the doubt so fas!

Now the error is:

org.jivesoftware.smack.SmackException: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

08-10 15:32:54.064 6156-6169/com.pere.xm W/System.err﹕ at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPC onnection.java:1008)

08-10 15:32:54.064 6156-6169/com.pere.xm W/System.err﹕ at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$200(XMPPTCPCon nection.java:935)

08-10 15:32:54.064 6156-6169/com.pere.xm W/System.err﹕ at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnecti on.java:950)

08-10 15:32:54.064 6156-6169/com.pere.xm W/System.err﹕ at java.lang.Thread.run(Thread.java:856)

08-10 15:32:54.064 6156-6169/com.pere.xm W/System.err﹕ Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

Moved to Smack Users forum. Please have a look at How to ask for help or report an issue · igniterealtime/Smack Wiki · GitHub

I solve the problem with: Connecting to a server that uses a self signed certificate

1-Create a bks keystore. I used KeyStore Explore 5.1.1

2- Export cert from keystore of the Openfire

3- Import certs to new bks keytore.

4- Copy keystore to android project.

5- the code:

Resources res = getApplicationContext().getResources();

String packageName = getApplicationContext().getPackageName();

int id = res.getIdentifier(“keystore”, “drawable”, packageName);

InputStream ins = res.openRawResource(id);

KeyStore ks = null;

try {

ks = KeyStore.getInstance(KeyStore.getDefaultType());

ks.load(ins,“password”.toCharArray());

} catch (KeyStoreException e) {

e.printStackTrace();

} catch (CertificateException e) {

e.printStackTrace();

} catch (NoSuchAlgorithmException e) {

e.printStackTrace();

} catch (IOException e) {

e.printStackTrace();

}

TrustManagerFactory tmf =

null;

try {

tmf = TrustManagerFactory

.getInstance(TrustManagerFactory.getDefaultAlgorithm());

tmf.init(ks);

} catch (NoSuchAlgorithmException e) {

e.printStackTrace();

} catch (KeyStoreException e) {

e.printStackTrace();

}

SSLContext sslctx = null;

try {

sslctx = SSLContext.getInstance(“TLS”);

sslctx.init(null, tmf.getTrustManagers(), new SecureRandom());

} catch (NoSuchAlgorithmException e) {

e.printStackTrace();

} catch (KeyManagementException e) {

e.printStackTrace();

}

XMPPTCPConnectionConfiguration.Builder config = XMPPTCPConnectionConfiguration.builder();

config.setSecurityMode(ConnectionConfiguration.SecurityMode.required);

config.setUsernameAndPassword(“user”, “pass”);

config.setServiceName(“raspberrypi”);

config.setHost(“192.168.0.199”);

config.setPort(5222);

config.setDebuggerEnabled(true);

config.setCustomSSLContext(sslctx);

mConnection = new XMPPTCPConnection(config.build());

try {

//Conectamos al servidor
mConnection.connect().login();

System.out.println("Esta conectat? "+ mConnection.isConnected());

} catch (SmackException | IOException | XMPPException e) {

e.printStackTrace();

}

Thanks everyone!.

Can you tell me how you exported cert from keystore of openfire?