ok, i installed ca-certificates package from debian witch have cacert-certs included.
nothing changed. (restarted the server)
then i put on debuglogs and closed the connection to jabber.ccc.de - a large german jabber-server. after that i spoke to friend on the server that the connection reestablished. he answered and there are in both directions NO secured connection.
This is the log but i dont unterstand it:
“2007.07.16 00:29:41 SubjectAltName of invalid type found: [” <<< what?
2007.07.16 00:29:35 Finishing Outgoing Server Reader. Closing session: org.jivesoftware.openfire.session.OutgoingServerSession@dfd643 status: -1 address: jabber.ccc.de id: 6a02b614ff0c0597a5e8d273153f963eb5db0728
java.net.SocketException: Socket closed
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.read(SocketInputStream.java:129)
at org.jivesoftware.openfire.net.ServerTrafficCounter$InputStreamWrapper.read(Serv erTrafficCounter.java:201)
at sun.nio.cs.StreamDecoder$CharsetSD.readBytes(StreamDecoder.java:411)
at sun.nio.cs.StreamDecoder$CharsetSD.implRead(StreamDecoder.java:453)
at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:183)
at java.io.InputStreamReader.read(InputStreamReader.java:167)
at org.xmlpull.mxp1.MXParser.fillBuf(MXParser.java:2992)
at org.xmlpull.mxp1.MXParser.more(MXParser.java:3046)
at org.jivesoftware.openfire.net.MXParser.nextImpl(MXParser.java:75)
at org.xmlpull.mxp1.MXParser.nextToken(MXParser.java:1100)
at org.dom4j.io.XMPPPacketReader.parseDocument(XMPPPacketReader.java:317)
at org.jivesoftware.openfire.server.OutgoingServerSocketReader$1.run(OutgoingServe rSocketReader.java:92)
2007.07.16 00:29:35 Logging off jabber.ccc.de on org.jivesoftware.openfire.net.SocketConnection@1ff563 socket: Socket[addr=/217.10.9.40,port=52469,localport=5269] session: org.jivesoftware.openfire.session.IncomingServerSession@16be7ee status: -1 address: jabber.ccc.de id: 76d5c44d
2007.07.16 00:29:36 OSCAR bos snac packet received: SnacPacketEvent: snacProcessor=ClientSnacProcessor: lastreqid=25, requests: 25, paused=false, snacPacket=SnacPacket type 0x3/0xb: 462 bytes (id=2461239128), snacCommand=BuddyStatusCmd: userinfo=UserInfo for 82986538: flags=0x71 (MASK_AWAY | MASK_FREE | MASK_UNCONFIRMED | 0x40), ICQ status=ICQSTATUS_NA | ICQSTATUS_AWAY | 0x20010000, memberSince=Tue Jul 25 06:40:11 CEST 2000, sessLenAim=509min, onSince=Sun Jul 15 15:57:55 CEST 2007, away, extraInfos=[ExtraInfoBlock: type=0x2 (TYPE_AVAILMSG), extraData=<ExtraInfoData: flags=0x4 (FLAG_AVAILMSG_PRESENT), data=00 fa 4d c3 bc 6e 73 74 65 72 20 5b 31 36 3a 34 30 5d 20 2d 20 77 65 63 68 2e 20 6d 6f 62 69 6c 2e 3c 62 72 2f 3e 3c 62 72 2f 3e 6a 69 64 3a 20 66 6c 69 62 62 6f 40 6a 61 62 62 65 72 2e 63 63 63 2e 64 65 3c 62 72 2f 3e 3c 62 72 2f 3e 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 20 57 69 6e 41 6d 70 20 72 6f 63 6b 74 20 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 3c 62 72 2f 3e 4e 69 67 68 74 6d 61 72 65 73 20 4f 6e 20 57 61 78 20 2d 20 4c 65 73 20 4e 75 69 74 73 3c 62 72 2f 3e 3c 62 72 2f 3e 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 20 53 6f 66 74 57 61 72 65 20 4e 65 77 73 20 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 3c 62 72 2f 3e 44 69 76 58 20 36 2e 36 20 2d 20 77 77 77 2e 64 69 76 78 2e 63 6f 6d 3c 62 72 2f 3e 57 69 6e 52 00 00>, ExtraInfoBlock: type=0xd (null), extraData=<ExtraInfoData: flags=0x4 (FLAG_AVAILMSG_PRESENT), data=46 9a 9f 64>], extraTlvs=[TLV: type=0xc, length=37 - hex: c0 a8 00 ea 00 00 c3 68 04 00 08 00 00 00 00 00 00 00 50 00 00 00 03 7f ff ff ff 00 03 09 00 00 00 00 00 00 00, TLV: type=0xa, length=4, uint value=1401415956: 53 87 e9 14, TLV: type=0x27, length=4, uint value=1184538468: 46 9a 9f 64], longcaps: [] - FlapPacketEvent: flapProcessor=FlapProcessor: seqNum=SeqNum: min=0, max=65535, last(current)=26, flapCommand=SnacFlapCmd: packet=SnacPacket type 0x3/0xb: 462 bytes (id=2461239128), flapPacket=FlapPacket (channel=2, seq=53238)
2007.07.16 00:29:36 OSCAR snac packet received: SnacPacketEvent: snacProcessor=ClientSnacProcessor: lastreqid=25, requests: 25, paused=false, snacPacket=SnacPacket type 0x3/0xb: 462 bytes (id=2461239128), snacCommand=BuddyStatusCmd: userinfo=UserInfo for 82986538: flags=0x71 (MASK_AWAY | MASK_FREE | MASK_UNCONFIRMED | 0x40), ICQ status=ICQSTATUS_NA | ICQSTATUS_AWAY | 0x20010000, memberSince=Tue Jul 25 06:40:11 CEST 2000, sessLenAim=509min, onSince=Sun Jul 15 15:57:55 CEST 2007, away, extraInfos=[ExtraInfoBlock: type=0x2 (TYPE_AVAILMSG), extraData=<ExtraInfoData: flags=0x4 (FLAG_AVAILMSG_PRESENT), data=00 fa 4d c3 bc 6e 73 74 65 72 20 5b 31 36 3a 34 30 5d 20 2d 20 77 65 63 68 2e 20 6d 6f 62 69 6c 2e 3c 62 72 2f 3e 3c 62 72 2f 3e 6a 69 64 3a 20 66 6c 69 62 62 6f 40 6a 61 62 62 65 72 2e 63 63 63 2e 64 65 3c 62 72 2f 3e 3c 62 72 2f 3e 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 20 57 69 6e 41 6d 70 20 72 6f 63 6b 74 20 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 3c 62 72 2f 3e 4e 69 67 68 74 6d 61 72 65 73 20 4f 6e 20 57 61 78 20 2d 20 4c 65 73 20 4e 75 69 74 73 3c 62 72 2f 3e 3c 62 72 2f 3e 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 20 53 6f 66 74 57 61 72 65 20 4e 65 77 73 20 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 3c 62 72 2f 3e 44 69 76 58 20 36 2e 36 20 2d 20 77 77 77 2e 64 69 76 78 2e 63 6f 6d 3c 62 72 2f 3e 57 69 6e 52 00 00>, ExtraInfoBlock: type=0xd (null), extraData=<ExtraInfoData: flags=0x4 (FLAG_AVAILMSG_PRESENT), data=46 9a 9f 64>], extraTlvs=[TLV: type=0xc, length=37 - hex: c0 a8 00 ea 00 00 c3 68 04 00 08 00 00 00 00 00 00 00 50 00 00 00 03 7f ff ff ff 00 03 09 00 00 00 00 00 00 00, TLV: type=0xa, length=4, uint value=1401415956: 53 87 e9 14, TLV: type=0x27, length=4, uint value=1184538468: 46 9a 9f 64], longcaps: [] - FlapPacketEvent: flapProcessor=FlapProcessor: seqNum=SeqNum: min=0, max=65535, last(current)=26, flapCommand=SnacFlapCmd: packet=SnacPacket type 0x3/0xb: 462 bytes (id=2461239128), flapPacket=FlapPacket (channel=2, seq=53238)
2007.07.16 00:29:38 OS - Trying to connect to jabber.ccc.de:5269(DNS lookup: jabberd.jabber.ccc.de:5265)
2007.07.16 00:29:38 OS - Plain connection to jabber.ccc.de:5269 successful
2007.07.16 00:29:38 OS - Going to try connecting using server dialback with: jabber.ccc.de
2007.07.16 00:29:38 OS - Trying to connect to jabber.ccc.de:5269(DNS lookup: jabberd.jabber.ccc.de:5263)
2007.07.16 00:29:38 OS - Connection to jabber.ccc.de:5269 successful
2007.07.16 00:29:38 OS - Sent dialback key to host: jabber.ccc.de id: 41e94d79ee72daf2960977185e98f2b347dc28f3 from domain: nnga.info
2007.07.16 00:29:38 Connect Socket[addr=/217.10.9.40,port=56646,localport=5269]
2007.07.16 00:29:38 AS - Verifying key for host: jabber.ccc.de id: 41e94d79ee72daf2960977185e98f2b347dc28f3
2007.07.16 00:29:38 AS - Key was: VALID for host: jabber.ccc.de id: 41e94d79ee72daf2960977185e98f2b347dc28f3
2007.07.16 00:29:38 AS - Connection closed for host: jabber.ccc.de id: 41e94d79ee72daf2960977185e98f2b347dc28f3
2007.07.16 00:29:38 Verbindung beendet bevor Sitzung hergestellt wurde
Socket[addr=/217.10.9.40,port=56646,localport=5269]
2007.07.16 00:29:38 OS - Validation GRANTED from: jabber.ccc.de id: 41e94d79ee72daf2960977185e98f2b347dc28f3 for domain: nnga.info
2007.07.16 00:29:41 Finishing Outgoing Server Reader. Closing session: org.jivesoftware.openfire.session.OutgoingServerSession@17e982f status: 1 address: jabber.freenet.de id: 779832325
java.io.EOFException: no more data available - expected end tag </stream:stream> to close start tag stream:stream from line 1, parser stopped on END_TAG seen …r:server:dialback’’ id=’‘779832325’’ version=’‘1.0’’>stream:features/… @1:187
at org.xmlpull.mxp1.MXParser.fillBuf(MXParser.java:3035)
at org.xmlpull.mxp1.MXParser.more(MXParser.java:3046)
at org.jivesoftware.openfire.net.MXParser.nextImpl(MXParser.java:75)
at org.xmlpull.mxp1.MXParser.nextToken(MXParser.java:1100)
at org.dom4j.io.XMPPPacketReader.parseDocument(XMPPPacketReader.java:317)
at org.jivesoftware.openfire.server.OutgoingServerSocketReader$1.run(OutgoingServe rSocketReader.java:92)
2007.07.16 00:29:41 SubjectAltName of invalid type found: [
[
Version: V3
Subject: CN=nnga.info
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 1272770221097425002682398891828996663676380881149099915964429678490386417202550 69934830681189181263508050527689115022595368543764181194229645651688462828701906 20696300742232330378846643700458230513965927172580926787573488027544491994478289 9919895508760067778089965776387559178866582311694528100028944780968553
public exponent: 65537
Validity: [From: Mon Jun 25 00:18:28 CEST 2007,
To: Fri Dec 21 23:18:28 CET 2007]
Issuer: EMAILADDRESS=support@cacert.org, CN=CA Cert Signing Authority, OU=http://www.cacert.org, O=Root CA
SerialNumber:
Certificate Extensions: 5
: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
DNSName: nnga.info, Other-Name: Unrecognized ObjectIdentifier: 1.3.6.1.5.5.7.8.5]
: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_Encipherment
]
: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
]
: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[accessMethod: 1.3.6.1.5.5.7.48.1
accessLocation: URIName: http://ocsp.cacert.org/]
]
: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
]
]
Algorithm:
Signature:
0000: AA C6 E2 FC B6 1E BE DC 7A DE F9 C0 3C 8D FF 35 …z…<…5
0010: 6B 72 70 3D D8 62 86 A8 A1 B2 F7 FC 79 A9 01 8D krp=.b…y…
0020: 8C 88 0B B1 57 61 32 1A DD F1 57 6C 5C 0C 73 19 …Wa2…Wl.s.
0030: 44 E3 94 16 66 7D 44 2E B5 37 27 84 75 27 26 14 D…f.D…7’’.u’’&.
0040: 1F C8 6C 1E FA 1C D2 5E 18 F9 4B 99 81 9A 61 BB …l…^…K…a.
0050: 0C C4 46 EC C0 FE 97 0E 18 D5 F5 64 11 5D DF 98 …F…d.]…
0060: 2B 4F 45 64 EB 12 E0 62 5D BF 1F F7 48 F9 94 EE +OEd…b]…H…
0070: EE FF A3 6D 0B 2D D7 B1 25 05 57 AB 3C B5 C7 86 …m.-…%.W.<…
0080: 64 FF 10 7E 72 6B 60 47 B6 40 E2 64 AE 2F AD BE d…rk`G.@.d./…
0090: 48 58 56 6B F1 C0 DB 56 68 AB D0 0D 88 47 7D 09 HXVk…Vh…G…
00A0: 5F EF 49 E7 4E 29 43 E7 76 12 77 77 65 0C BC 4A _.I.N)C.v.wwe…J
00B0: B3 01 45 60 97 E7 4F 94 6D 19 98 77 BD D4 7D 0D …E`…O.m…w…
00C0: 4A E8 64 1F C8 AD BA 97 FA AD EB B7 8F 3C 9F E6 J.d…<…
00D0: 91 93 05 65 BB 3F 12 73 1C 8B D6 A8 69 9F D0 30 …e.?.s…i…0
00E0: 07 5E 17 27 0A 57 8F AD 46 0B 81 BC 3C 78 BC D1 .^.’’.W…F…<x…
00F0: 5E F9 E4 72 23 07 3E DA F8 33 68 80 A0 1A 29 58 ^…r#.>…3h…)X
0100: 41 78 72 4D 19 18 86 3E F5 DF 82 9C 9A 04 8E 9C AxrM…>…
0110: F1 5C A5 85 85 C7 A9 10 E9 4C B3 BB DA 45 D2 BD …L…E…
0120: AE AE E2 F2 EC 0A 6C 86 0F 65 52 83 49 E6 2D BF …l…eR.I.-.
0130: C6 BB 00 EF EC 62 69 2E 67 9D 76 0C AC 28 73 89 …bi.g.v…(s.
0140: 55 E9 6F 75 CC 19 47 02 9E 5A 86 D4 E6 52 65 60 U.ou…G…Z…Re`
0150: E9 2A 5B 13 08 4E 98 19 43 79 12 20 C9 42 86 77 .*[…N…Cy. .B.w
0160: 0F B0 E5 51 09 AF 8D C6 A2 2A B9 27 0C 65 90 44 …Q…*.’’.e.D
0170: 8F F1 2F 93 DA 3C C4 0F 24 E2 CA 54 10 8A 4B 28 …/…<…$…T…K(
0180: AA 46 98 B6 C7 7B 18 88 C4 87 C2 E5 FC EB 9F FC .F…
0190: 24 7D 4A 99 DF 6E 6F 0B 01 48 34 9A 06 B3 AE B7 $.J…no…H4…
01A0: E1 26 8B AA 41 5E 9B D9 63 F5 39 62 E2 7B 80 A3 .&…A^…c.9b…
01B0: 00 7A 6D 23 0E C3 1D C0 5F 6A B5 CB 47 5D 3F A3 .zm#…_j…G]?.
01C0: 35 27 6D E2 66 EF FD 4D 78 BE 68 20 D1 C9 03 1C 5’'m.f…Mx.h …
01D0: 52 11 DD 23 35 EB 8D 18 BA BC 66 2E 20 B2 EC D2 R…#5…f. …
01E0: 58 F4 0A E7 A8 CE BD 35 17 31 A0 16 E5 97 28 6A X…5.1…(j
01F0: 42 26 2C CA 3A 53 54 93 1B BA 00 CE 98 B1 9D 8A B&,.:ST…
]
2007.07.16 00:29:47 EOF
Message was edited by: bigdaddy