powered by Jive Software

Setting up TLS in Openfire - error in TLS/SSL certificates


#1

I am trying to setup TLS in openfire 4.2.1 on Ubuntu 16.04 LTS.

I followed the steps given here.

I am using IP address as domain name and generated a self-signed certificate using the same. I also changed the default password of the keystore.

I have set the following “System Properties”

xmpp.socket.ssl.active	true	
xmpp.socket.ssl.keypass	 <my_passwd>
xmpp.socket.ssl.keystore <left_blank>
xmpp.socket.ssl.port	5223
xmpp.socket.ssl.storeType JKS
xmpp.socket.ssl.truststore <left_blank>

as suggested in the link above.

When I open the “TLS/SSL Certificates” tab, I get the following error:

javax.el.ELException: Cannot convert COMBINED of type class java.lang.String to class org.jivesoftware.openfire.spi.ConnectionType
	at org.apache.el.lang.ELSupport.coerceToEnum(ELSupport.java:212)
	at org.apache.el.lang.ELSupport.equals(ELSupport.java:179)
	at org.apache.el.parser.AstEqual.getValue(AstEqual.java:39)
	at org.apache.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:187)
	at org.apache.jasper.runtime.PageContextImpl.proprietaryEvaluate(PageContextImpl.java:956)
	at org.jivesoftware.openfire.admin.security_002dcertificate_002dstore_002dmanagement_jsp._jspx_meth_c_005fwhen_005f1(security_002dcertificate_002dstore_002dmanagement_jsp.java:803)
	at org.jivesoftware.openfire.admin.security_002dcertificate_002dstore_002dmanagement_jsp._jspx_meth_c_005fchoose_005f1(security_002dcertificate_002dstore_002dmanagement_jsp.java:760)
	at org.jivesoftware.openfire.admin.security_002dcertificate_002dstore_002dmanagement_jsp._jspx_meth_c_005fset_005f0(security_002dcertificate_002dstore_002dmanagement_jsp.java:728)
	at org.jivesoftware.openfire.admin.security_002dcertificate_002dstore_002dmanagement_jsp._jspx_meth_c_005fforEach_005f1(security_002dcertificate_002dstore_002dmanagement_jsp.java:673)
	at org.jivesoftware.openfire.admin.security_002dcertificate_002dstore_002dmanagement_jsp._jspService(security_002dcertificate_002dstore_002dmanagement_jsp.java:232)
	at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:812)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1669)
	at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:118)
	at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:52)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
	at org.jivesoftware.util.LocaleFilter.doFilter(LocaleFilter.java:73)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
	at org.jivesoftware.util.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:49)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
	at org.jivesoftware.admin.PluginFilter.doFilter(PluginFilter.java:226)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
	at org.jivesoftware.admin.AuthCheckFilter.doFilter(AuthCheckFilter.java:215)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:577)
	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223)
	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)
	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)
	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
	at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:215)
	at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:110)
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)
	at org.eclipse.jetty.server.Server.handle(Server.java:499)
	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311)
	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)
	at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544)
	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)
	at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
	at java.lang.Thread.run(Thread.java:748)

There’s a related thread here which is asking to set values for bosh, multiplex and client keystore values which I believe do not apply in my case as I am only trying to use TLS for the server side.

Please let me know how to fix this. Also, how would I know if TLS is working after everything is properly setup?

Thanks for the help