Good night!
We have a problem with two openfire servers. They won’t connect to each other, but they connect to other servers without problems.
A short description of our environment:
Server A: openfire 4.5.6, java 11.0.15, location A, working to servers c and d, not working to server b
Server B: openfire 4.5.6, java 11.0.15, location B, working to servers c and d, not working to server a
Server C: openfire 4.6.5, java 8_202 (i already told them to update this…), location C, working to all servers
Server D: openfire 4.5.6, java 8_322, location B, working to all servers
Here is the debug log from a connection attempt from server A to B. (The log is exactly the same in the opposite direction):
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Authenticate local domain: '' to remote domain: ''] - Start domain authentication ...
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Authenticate local domain: '' to remote domain: ''] - Searching for pre-existing outgoing sessions to the remote domain (if one exists, it will be re-used) ...
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Authenticate local domain: '' to remote domain: ''] - There are no pre-existing outgoing sessions to the remote domain itself. Searching for pre-existing outgoing sessions to super- or subdomains of the remote domain (if one exists, it might be re-usable) ...
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Authenticate local domain: '' to remote domain: ''] - There are no pre-existing session to other domains hosted on the remote domain.
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Authenticate local domain: '' to remote domain: ''] - Unable to re-use an existing session. Creating a new session ...
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Create outgoing session for: to ] - Creating new session...
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Create outgoing session for: to ] - Creating plain socket connection to a host that belongs to the remote XMPP domain.
2022.06.30 00:26:56 org.jivesoftware.openfire.net.SocketUtil - Creating a socket connection to XMPP domain '' ...
2022.06.30 00:26:56 org.jivesoftware.openfire.net.SocketUtil - Use DNS to resolve remote hosts for the provided XMPP domain '' (default port: 5269) ...
2022.06.30 00:26:56 org.jivesoftware.openfire.net.DNSUtil - No SRV record found for: _xmpps-server._tcp..
javax.naming.NameNotFoundException: DNS name not found [response code 3]
at com.sun.jndi.dns.DnsClient.checkResponseCode(Unknown Source) ~[jdk.naming.dns:?]
at com.sun.jndi.dns.DnsClient.isMatchResponse(Unknown Source) ~[jdk.naming.dns:?]
at com.sun.jndi.dns.DnsClient.doUdpQuery(Unknown Source) ~[jdk.naming.dns:?]
at com.sun.jndi.dns.DnsClient.query(Unknown Source) ~[jdk.naming.dns:?]
at com.sun.jndi.dns.Resolver.query(Unknown Source) ~[jdk.naming.dns:?]
at com.sun.jndi.dns.DnsContext.c_getAttributes(Unknown Source) ~[jdk.naming.dns:?]
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(Unknown Source) ~[?:?]
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(Unknown Source) ~[?:?]
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(Unknown Source) ~[?:?]
at javax.naming.directory.InitialDirContext.getAttributes(Unknown Source) ~[?:?]
at org.jivesoftware.openfire.net.DNSUtil.srvLookup(DNSUtil.java:222) [xmppserver-4.5.6.jar:4.5.6]
at org.jivesoftware.openfire.net.DNSUtil.resolveXMPPDomain(DNSUtil.java:111) [xmppserver-4.5.6.jar:4.5.6]
at org.jivesoftware.openfire.net.SocketUtil.createSocketToXmppDomain(SocketUtil.java:45) [xmppserver-4.5.6.jar:4.5.6]
at org.jivesoftware.openfire.session.LocalOutgoingServerSession.createOutgoingSession(LocalOutgoingServerSession.java:250) [xmppserver-4.5.6.jar:4.5.6]
at org.jivesoftware.openfire.session.LocalOutgoingServerSession.authenticateDomain(LocalOutgoingServerSession.java:209) [xmppserver-4.5.6.jar:4.5.6]
at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.sendPacket(OutgoingSessionPromise.java:261) [xmppserver-4.5.6.jar:4.5.6]
at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.run(OutgoingSessionPromise.java:239) [xmppserver-4.5.6.jar:4.5.6]
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) [?:?]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [?:?]
at java.lang.Thread.run(Unknown Source) [?:?]
2022.06.30 00:26:56 org.jivesoftware.openfire.net.SocketUtil - Found 1 host(s) for XMPP domain ''.
2022.06.30 00:26:56 org.jivesoftware.openfire.net.SocketUtil - - :5269 (no direct TLS)
2022.06.30 00:26:56 org.jivesoftware.openfire.net.SocketUtil - Trying to create socket connection to XMPP domain '' using remote host: :5269 (blocks up to 120000 ms) ...
2022.06.30 00:26:56 org.jivesoftware.openfire.net.SocketUtil - Successfully created socket connection to XMPP domain '' using remote host: :5269!
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Create outgoing session for: to ] - Opening a new connection to /XXX.XXX.XXX.XXX:5269 that is initially not encrypted.
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Create outgoing session for: to ] - Send the stream header and wait for response...
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Create outgoing session for: to ] - Got a response (stream ID: cig2x48b7, version: 1.0). Check if the remote server is XMPP 1.0 compliant...
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Create outgoing session for: to ] - The remote server is XMPP 1.0 compliant (or at least reports to be).
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Create outgoing session for: to ] - Processing stream features of the remote domain...
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Create outgoing session for: to ] - Check if both us as well as the remote server have enabled STARTTLS and/or dialback ...
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Create outgoing session for: to ] - Both us and the remote server support the STARTTLS feature. Secure and authenticate the connection with TLS & SASL...
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Secure connection for: to: ] - Securing and authenticating connection ...
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Secure connection for: to: ] - Indicating we want TLS and wait for response.
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Secure connection for: to: ] - Received 'proceed' from remote server. Negotiating TLS...
2022.06.30 00:26:56 org.jivesoftware.openfire.spi.EncryptionArtifactFactory - Configured TrustManager class: org.jivesoftware.openfire.keystore.OpenfireX509TrustManager
2022.06.30 00:26:56 org.jivesoftware.openfire.spi.EncryptionArtifactFactory - Attempting to instantiate 'class org.jivesoftware.openfire.keystore.OpenfireX509TrustManager' using the three-argument constructor that is properietary to Openfire.
2022.06.30 00:26:56 org.jivesoftware.openfire.keystore.OpenfireX509TrustManager - Constructed trust manager. Number of trusted issuers: 151, accepts self-signed: true, checks validity: true
2022.06.30 00:26:56 org.jivesoftware.openfire.spi.EncryptionArtifactFactory - Successfully instantiated 'class org.jivesoftware.openfire.keystore.OpenfireX509TrustManager'.
2022.06.30 00:26:56 org.jivesoftware.openfire.keystore.OpenfireX509TrustManager - Attempting to verify a chain of 1 certificates.
2022.06.30 00:26:56 org.jivesoftware.openfire.keystore.OpenfireX509TrustManager - Attempting to accept the self-signed certificate of this chain of length one, as instructed by configuration.
2022.06.30 00:26:56 org.jivesoftware.openfire.keystore.OpenfireX509TrustManager - Chain of one appears to be self-signed. Adding it to the set of trusted issuers.
2022.06.30 00:26:56 org.jivesoftware.openfire.keystore.OpenfireX509TrustManager - Validating chain with 1 certificates, using 132 trust anchors.
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Secure connection for: to: ] - TLS negotiation was successful. Connection secured. Proceeding with authentication...
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Secure connection for: to: ] - SASL authentication failed. Will continue with dialback.
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Secure connection for: to: ] - TLS negotiation was successful so initiate a new stream.
2022.06.30 00:26:56 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Create outgoing session for: to ] - Unable to create a new session. Going to try connecting using server dialback as a fallback.
2022.06.30 00:26:56 org.jivesoftware.openfire.server.ServerDialback[Acting as Originating Server: Create Outgoing Session from: to RS at: (port: 5269)] - Creating new outgoing session...
2022.06.30 00:26:56 org.jivesoftware.openfire.net.SocketUtil - Creating a socket connection to XMPP domain '' ...
2022.06.30 00:26:56 org.jivesoftware.openfire.net.SocketUtil - Use DNS to resolve remote hosts for the provided XMPP domain '' (default port: 5269) ...
2022.06.30 00:26:56 org.jivesoftware.openfire.net.DNSUtil - No SRV record found for: _xmpps-server._tcp..
javax.naming.NameNotFoundException: DNS name not found [response code 3]
at com.sun.jndi.dns.DnsClient.checkResponseCode(Unknown Source) ~[jdk.naming.dns:?]
at com.sun.jndi.dns.DnsClient.isMatchResponse(Unknown Source) ~[jdk.naming.dns:?]
at com.sun.jndi.dns.DnsClient.doUdpQuery(Unknown Source) ~[jdk.naming.dns:?]
at com.sun.jndi.dns.DnsClient.query(Unknown Source) ~[jdk.naming.dns:?]
at com.sun.jndi.dns.Resolver.query(Unknown Source) ~[jdk.naming.dns:?]
at com.sun.jndi.dns.DnsContext.c_getAttributes(Unknown Source) ~[jdk.naming.dns:?]
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(Unknown Source) ~[?:?]
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(Unknown Source) ~[?:?]
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(Unknown Source) ~[?:?]
at javax.naming.directory.InitialDirContext.getAttributes(Unknown Source) ~[?:?]
at org.jivesoftware.openfire.net.DNSUtil.srvLookup(DNSUtil.java:222) [xmppserver-4.5.6.jar:4.5.6]
at org.jivesoftware.openfire.net.DNSUtil.resolveXMPPDomain(DNSUtil.java:111) [xmppserver-4.5.6.jar:4.5.6]
at org.jivesoftware.openfire.net.SocketUtil.createSocketToXmppDomain(SocketUtil.java:45) [xmppserver-4.5.6.jar:4.5.6]
at org.jivesoftware.openfire.server.ServerDialback.createOutgoingSession(ServerDialback.java:209) [xmppserver-4.5.6.jar:4.5.6]
at org.jivesoftware.openfire.session.LocalOutgoingServerSession.createOutgoingSession(LocalOutgoingServerSession.java:425) [xmppserver-4.5.6.jar:4.5.6]
at org.jivesoftware.openfire.session.LocalOutgoingServerSession.authenticateDomain(LocalOutgoingServerSession.java:209) [xmppserver-4.5.6.jar:4.5.6]
at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.sendPacket(OutgoingSessionPromise.java:261) [xmppserver-4.5.6.jar:4.5.6]
at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.run(OutgoingSessionPromise.java:239) [xmppserver-4.5.6.jar:4.5.6]
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) [?:?]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [?:?]
at java.lang.Thread.run(Unknown Source) [?:?]
2022.06.30 00:26:56 org.jivesoftware.openfire.net.SocketUtil - Found 1 host(s) for XMPP domain ''.
2022.06.30 00:26:56 org.jivesoftware.openfire.net.SocketUtil - - :5269 (no direct TLS)
2022.06.30 00:26:56 org.jivesoftware.openfire.net.SocketUtil - Trying to create socket connection to XMPP domain '' using remote host: :5269 (blocks up to 120000 ms) ...
2022.06.30 00:26:57 org.jivesoftware.openfire.net.SocketUtil - Successfully created socket connection to XMPP domain '' using remote host: :5269!
2022.06.30 00:26:57 org.jivesoftware.openfire.server.ServerDialback[Acting as Originating Server: Create Outgoing Session from: to RS at: (port: 5269)] - Send the stream header and wait for response...
2022.06.30 00:26:57 org.jivesoftware.openfire.server.ServerDialback[Acting as Originating Server: Create Outgoing Session from: to RS at: (port: 5269)] - Got a response. Check if the remote server supports dialback...
2022.06.30 00:26:57 org.jivesoftware.openfire.server.ServerDialback[Acting as Originating Server: Create Outgoing Session from: to RS at: (port: 5269)] - Dialback seems to be supported by the remote server.
2022.06.30 00:26:57 org.jivesoftware.openfire.server.ServerDialback[Acting as Originating Server: Authenticate domain: with RS: (id: 44ge56gama)] - Authenticating domain ...
2022.06.30 00:26:57 org.jivesoftware.openfire.server.ServerDialback[Acting as Originating Server: Authenticate domain: with RS: (id: 44ge56gama)] - Sending dialback key and wait for the validation response...
2022.06.30 00:26:57 org.jivesoftware.openfire.net.BlockingAcceptingMode - Connect Socket[addr=/XXX.XXX.XXX.XXX,port=50747,localport=5269]
2022.06.30 00:26:57 org.jivesoftware.openfire.spi.EncryptionArtifactFactory - Configured TrustManager class: org.jivesoftware.openfire.keystore.OpenfireX509TrustManager
2022.06.30 00:26:57 org.jivesoftware.openfire.spi.EncryptionArtifactFactory - Attempting to instantiate 'class org.jivesoftware.openfire.keystore.OpenfireX509TrustManager' using the three-argument constructor that is properietary to Openfire.
2022.06.30 00:26:57 org.jivesoftware.openfire.keystore.OpenfireX509TrustManager - Constructed trust manager. Number of trusted issuers: 151, accepts self-signed: true, checks validity: true
2022.06.30 00:26:57 org.jivesoftware.openfire.spi.EncryptionArtifactFactory - Successfully instantiated 'class org.jivesoftware.openfire.keystore.OpenfireX509TrustManager'.
2022.06.30 00:26:57 org.jivesoftware.openfire.keystore.OpenfireX509TrustManager - Attempting to verify a chain of 3 certificates.
2022.06.30 00:26:57 org.jivesoftware.openfire.keystore.OpenfireX509TrustManager - Validating chain with 3 certificates, using 131 trust anchors.
2022.06.30 00:26:57 org.jivesoftware.openfire.server.ServerDialback[Acting as Originating Server: Authenticate domain: with RS: (id: 44ge56gama)] - Failed to authenticate domain: the validation response was received, but did not grant authentication.
2022.06.30 00:26:57 org.jivesoftware.openfire.server.ServerDialback[Acting as Originating Server: Create Outgoing Session from: to RS at: (port: 5269)] - Failed to authenticate the connection with dialback.
2022.06.30 00:26:57 org.jivesoftware.openfire.spi.RoutingTableImpl - Failed to route packet to JID: packet: <iq type="error" id="727-4" to="" from=""><ping xmlns="urn:xmpp:ping"/><error code="404" type="cancel"><remote-server-not-found xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/></error></iq>
2022.06.30 00:26:57 org.jivesoftware.openfire.IQRouter - IQ sent to unreachable address: <iq type="error" id="727-4" to="" from=""><ping xmlns="urn:xmpp:ping"/><error code="404" type="cancel"><remote-server-not-found xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/></error></iq>
2022.06.30 00:26:57 org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor - Error sending packet to domain '':
Maybe someone has an idea. We tried many combinations of versions of openfire (4.7.1, 4.6.5) or java (8_321,8_333,11.0.15).
Greetings, Max