S2S SSL setup problems + Database room injection problem

Johan1 · December 13, 2010, 12:31pm

Hi i am currently trying to setup S2S SSL between initially two domains but it will expand later to alot more.

I have two domains called Red and Blue.

I can set them up so that regular plain traffic S2S connectivity works flawless and its tested and working as expected. But when i try to add in SSL/TLS it just wont work propertly.

I think it is an certificate issue that is yet unresolved. I generate my own certificates for RSA and DSA locally in each domain and they are CA signed and i do not use the regular self generated certificates. Those certificates enables up SSL within the domain and to all clients.

I have tried to insert the Root Certificate from blue -> red and from red -> blue in all possible key and truststores including the java default. I have also tried to insert the RSA and DSA certificates from blue into the reds keystores and the other way around to but without success.

Other solutions suggested on this forum is the property that makes the SSL code not check the certificates. Accept self signed certificates and so on. Ports are open and tested thats not it. Rooms and users work propertly as regular S2S works.

The logs do not produce more then 2 exceptions and problems. The first is: javax.net.ssl.sslexception: unsupported record version unknown-47.115 that is thrown 2 times after a client from the other domains tries to connect to another domain. The second is a series of DNS lookups that do not resolve where is seems as it cannot find the right address and works backwards trying to find it but is unable to.

Any suggestions or guidance how to proceed would nice.

A second problem i found is that i try to add a new room to a openfire server by inserting data directly into the database table “ofmucroom”. The problem i found is that the room wont show up in the web admin console until atleast one person have loged into the room and updated its presence i think it is and then it becomes avaliable in the admin console. But an error i get when i want to change some room setting is this exception and no settings is saved. Rooms created by the admin console have no problems with this and i cannot find any database table that have some data i am missing to insert upon creating the room. Also all the injected rooms work in all clients without any problems.

Exception:

org.jivesoftware.openfire.muc.ConflictException

at org.jivesoftware.openfire.muc.spi.IQOwnerHandler.processConfigurationForm(IQOwn erHandler.java:364)

at org.jivesoftware.openfire.muc.spi.IQOwnerHandler.handleDataFormElement(IQOwnerH andler.java:310)

at org.jivesoftware.openfire.muc.spi.IQOwnerHandler.handleIQ(IQOwnerHandler.java:9 1)

at org.jivesoftware.openfire.admin.muc_002droom_002dedit_002dform_jsp._jspService( muc_002droom_002dedit_002dform_jsp.java:305)

at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)

at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:487)

at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1093)

at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:11 8)

at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:52)

at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1084)

at org.jivesoftware.util.LocaleFilter.doFilter(LocaleFilter.java:66)

at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1084)

at org.jivesoftware.util.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingF ilter.java:42)

at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1084)

at org.jivesoftware.admin.PluginFilter.doFilter(PluginFilter.java:70)

at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1084)

at org.jivesoftware.admin.AuthCheckFilter.doFilter(AuthCheckFilter.java:146)

at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1084)

at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:360)

at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)

at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)

at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:726)

at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:405)

at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollect ion.java:206)

at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)

at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)

at org.mortbay.jetty.Server.handle(Server.java:324)

at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:505)

at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.j ava:829)

at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:514)

at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211)

at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:380)

at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:395)

at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:488)

The page called to get this exception is this

https://admin.chatsrv.domain.se:9091/muc-room-edit-form.jsp?roomJID=ops@conferen ce.domain.se&9091/muc-room-edit-form.jsp?roomJID=ops@conference.domain.se&

save=true&

create=false&

roomconfig_persistentroom=true&

roomconfig_roomname=ops&

roomconfig_roomdesc=ops&

room_topic=ops&

roomconfig_maxusers=50&

roomconfig_presencebroadcast=true&

roomconfig_presencebroadcast2=true&

roomconfig_presencebroadcast3=true&

roomconfig_roomsecret=&

roomconfig_roomsecret2=&

roomconfig_whois=moderator&

roomconfig_publicroom=true&

roomconfig_canchangenick=true&

roomconfig_registration=true&

Submit=Save+Changes