Server to Server, Linux and Windows

I have a problem connecting 2 Wildfire servers. Both are running 3.2.0; one is a Linux box (Suse 9.2) and the other is a Windows XP box.

When I log into the Windows server and try to add a user on the Linux box I get an error message saying:

Pandion
Cannot add itsucalj@squid to the contact list.
The address does not exist.
OK


On the Linux box error log I get

2007.02.16 16:06:44 org.jivesoftware.wildfire.net.SocketReadingMode.negotiateTLS(SocketReadingMode.java:75) Error while negotiating TLS: org.jivesoftware.wildfire.net.SocketConnection@ee1aeb socket: Socket[addr=/10.52.140.126,port=3708,localport=5269] session: org.jivesoftware.wildfire.session.IncomingServerSession@42299e status: 1 address: squid/a25181f8 id: a25181f8
javax.net.ssl.SSLException: Unsupported record version Unknown-47.115
at com.sun.net.ssl.internal.ssl.EngineInputRecord.bytesInCompletePacket(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(Unknown Source)
at javax.net.ssl.SSLEngine.unwrap(Unknown Source)
at org.jivesoftware.wildfire.net.TLSStreamHandler.doHandshake(TLSStreamHandler.java:211)
at org.jivesoftware.wildfire.net.TLSStreamHandler.start(TLSStreamHandler.java:157)
at org.jivesoftware.wildfire.net.SocketConnection.startTLS(SocketConnection.java:164)
at org.jivesoftware.wildfire.net.SocketReadingMode.negotiateTLS(SocketReadingMode.java:72)
at org.jivesoftware.wildfire.net.BlockingReadingMode.readStream(BlockingReadingMode.java:126)
at org.jivesoftware.wildfire.net.BlockingReadingMode.run(BlockingReadingMode.java:62)
at org.jivesoftware.wildfire.net.SocketReader.run(SocketReader.java:120)
at java.lang.Thread.run(Unknown Source)

Server to Server between 2 Windows test servers works fine.

Any ideas?

Ports are fully open and I can telnet to 5269 on both servers from the other.

DNS is working fine.

Hi,

JM-669 was fixed in 3.0 and this could be a very similar issue.

LG

Hey Jimmy,

Another option is that you are using self-signed certificates and by default Wildfire will reject them. In one server you will get the “javax.net.ssl.SSLException: Unsupported record version Unknown-47.115” exception and in the other server (if you enable the debug log) you will see that the TLS negotiation failed due to a self-signed certificate.

If you are fine with self-signed certificates then you can instruct Wildfire to accept them. You will have to set the system property xmpp.server.certificate.accept-selfsigned to true on both servers. If you don’t care about certificate validation you can just disable the entire validation by setting xmpp.server.certificate.verify to false.

Regards,

– Gato
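
Added example (not part of the thread and not Wildfire code): the numbers in "Unsupported record version Unknown-47.115" are the major and minor version bytes of what the TLS engine took for a record header, and 47, 115 are the ASCII codes for "/s". The sketch below parses a 5-byte record header and shows how non-TLS data produces that version. It assumes the peer sent a plaintext `</stream:stream>` after abandoning the handshake, which the thread does not confirm; both sample byte strings are constructed.

```python
import struct

# TLS record content types (RFC 5246, section 6.2.1)
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}

def parse_record_header(data: bytes) -> dict:
    """Interpret the first 5 bytes the way a TLS record layer does."""
    if len(data) < 5:
        raise ValueError("need at least 5 bytes for a TLS record header")
    ctype, major, minor, length = struct.unpack("!BBBH", data[:5])
    return {
        "content_type": CONTENT_TYPES.get(ctype, f"unknown({ctype})"),
        "version": f"{major}.{minor}",
        "length": length,
        # SSL 3.0 through TLS 1.3 records all carry major version 3
        "plausible_tls": ctype in CONTENT_TYPES and major == 3 and minor <= 4,
    }

def version_to_ascii(version: str) -> str:
    """Turn the 'major.minor' pair from the exception text back into characters."""
    major, minor = (int(part) for part in version.split("."))
    return bytes([major, minor]).decode("ascii", errors="replace")

def diagnose(data: bytes) -> str:
    """Say whether the bytes look like a TLS record or like cleartext XML."""
    hdr = parse_record_header(data)
    if hdr["plausible_tls"]:
        return f"TLS record: {hdr['content_type']}, version {hdr['version']}"
    if data[:1] == b"<":
        return f"plaintext XML read as TLS (version bytes {hdr['version']})"
    return f"not TLS (version bytes {hdr['version']})"

# Constructed samples, not captured traffic.
PLAINTEXT_CLOSE = b"</stream:stream>"          # assumption: stream closed in the clear
CLIENT_HELLO_START = bytes([22, 3, 1, 0, 92])  # handshake record header, TLS 1.0

if __name__ == "__main__":
    print(version_to_ascii("47.115"))
    print(diagnose(PLAINTEXT_CLOSE))
    print(diagnose(CLIENT_HELLO_START))
```

An "Unknown-x.y" version whose bytes decode to printable ASCII points at cleartext arriving where a TLS record was expected, so the reason for the failure has to be looked up in the debug log of the other server.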