I’m having trouble making an outgoing s2s connection to jabber.org from my server. Inbound connections seem to work okay
I’m seeing this in the log when I use the Server to Server Test tool from the openfire web console:
<iq type="get" id="276-53" from="morante.net" to="jabber.org"><ping xmlns="urn:xmpp:ping"/></iq>
<iq type="error" id="276-53" to="morante.net" from="jabber.org"><ping xmlns="urn:xmpp:ping"/><error code="404" type="cancel"><remote-server-not-found xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/></error></iq>
Thu Apr 30 05:47:25 EDT 2020: INFO: Sending server to server ping request to jabber.org
Thu Apr 30 05:47:25 EDT 2020: INFO: STARTTLS negotiation failed. Closing connection (without sending any data such as <failure/> or </stream>).
javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1521)
at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:528)
at sun.security.ssl.SSLEngineImpl.writeAppRecord(SSLEngineImpl.java:1197)
at sun.security.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:1165)
at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:469)
at org.jivesoftware.openfire.net.TLSStreamHandler.doHandshake(TLSStreamHandler.java:289)
at org.jivesoftware.openfire.net.TLSStreamHandler.start(TLSStreamHandler.java:174)
at org.jivesoftware.openfire.net.SocketConnection.startTLS(SocketConnection.java:194)
at org.jivesoftware.openfire.session.LocalOutgoingServerSession.secureAndAuthenticate(LocalOutgoingServerSession.java:407)
at org.jivesoftware.openfire.session.LocalOutgoingServerSession.createOutgoingSession(LocalOutgoingServerSession.java:297)
at org.jivesoftware.openfire.session.LocalOutgoingServerSession.authenticateDomain(LocalOutgoingServerSession.java:206)
at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.sendPacket(OutgoingSessionPromise.java:260)
at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.run(OutgoingSessionPromise.java:238)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1709)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:318)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1639)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:970)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:967)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1459)
at org.jivesoftware.openfire.net.TLSStreamHandler.doTasks(TLSStreamHandler.java:340)
at org.jivesoftware.openfire.net.TLSStreamHandler.doHandshake(TLSStreamHandler.java:250)
... 10 more
Caused by: java.security.cert.CertificateException: java.security.cert.CertPathBuilderException: No issuer certificate for certificate in certification path found.
at org.jivesoftware.openfire.keystore.OpenfireX509TrustManager.checkServerTrusted(OpenfireX509TrustManager.java:108)
at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:1113)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1626)
... 18 more
Caused by: java.security.cert.CertPathBuilderException: No issuer certificate for certificate in certification path found.
at org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi.engineBuild(Unknown Source)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at org.jivesoftware.openfire.keystore.OpenfireX509TrustManager.checkChainTrusted(OpenfireX509TrustManager.java:261)
at org.jivesoftware.openfire.keystore.OpenfireX509TrustManager.checkServerTrusted(OpenfireX509TrustManager.java:104)
... 20 more
Thu Apr 30 05:47:25 EDT 2020: WARN: Unable to create a new outgoing session
Thu Apr 30 05:47:25 EDT 2020: WARN: Unable to create a new session: Dialback (as a fallback) failed.
Thu Apr 30 05:47:25 EDT 2020: WARN: Unable to authenticate: Fail to create new session.
Thu Apr 30 05:47:25 EDT 2020: INFO: Successful server to server response received.
Thu Apr 30 05:47:25 EDT 2020: ERROR: Primary packet routing failed
org.jivesoftware.openfire.PacketException: Cannot route packet of type IQ or Presence to bare JID: <iq type="error" id="276-53" to="morante.net" from="jabber.org"><ping xmlns="urn:xmpp:ping"/><error code="404" type="cancel"><remote-server-not-found xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/></error></iq>
at org.jivesoftware.openfire.spi.RoutingTableImpl.routeToLocalDomain(RoutingTableImpl.java:309)
at org.jivesoftware.openfire.spi.RoutingTableImpl.routePacket(RoutingTableImpl.java:242)
at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.returnErrorToSender(OutgoingSessionPromise.java:342)
at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.run(OutgoingSessionPromise.java:241)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Thu Apr 30 05:47:25 EDT 2020: INFO: Failed to establish server to server session.