Self signed SSL cert and port binding

Mark4 · July 11, 2006, 6:47am

Hi,

I am having trouble getting Wildfire to bind to port 443 on my machine (Debian sarge). Originally I thought it wasn’‘t working because of the default certs that came with the server. However, after generating my own I’'m still getting this error (no other service is running on port 443):

2006.07.11 08:35:10 org.jivesoftware.wildfire.spi.ConnectionManagerImpl.startClientSSLListeners(Conn ectionManagerImpl.java:243) Could not setup SSL socket

java.net.BindException: Permission denied

at java.net.PlainSocketImpl.socketBind(Native Method)

at java.net.PlainSocketImpl.bind(PlainSocketImpl.java:359)

at java.net.ServerSocket.bind(ServerSocket.java:319)

at java.net.ServerSocket.(XMPPServer.java:145)

Any help would be greatly appreciated.

Thanks!

Mark

Mark4 · July 11, 2006, 8:54am

I have a hunch that this is because I am trying to open a low port as a non-root user (wildfire is not running under root). Does someone happen to have a startup script which starts the server as root and then hands it off to a normal user?

cheers,

Mark

Mark4 · July 12, 2006, 7:28am

I’'ve set the SSL encrypted port back to 5223 – no problems now.

Andreas_Monitzer · July 12, 2006, 11:43am

You can probably use apache to listen on the lowport and forward it to the highport using the RewriteEngine.

LG1 · July 15, 2006, 10:54am

Hi,

iptables -t nat -I PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 5223

as described in someother threads should help you a lot as you are using linux.

LG