I’ve wasted a whole week trying to setup a Spark client (v2.8.3 on Windows 10) appropiatelly to connect to my new Openfire server (v4.1.6 on ubuntu).
I’ve installed new CA root and intermediate and generated Openfire SSL certificate. All working fine on server side…
But I can’t get Spark using the client certificates that I generate via my own CA intermediate.
Using Wireshark I’ve verified that server is requesting the client certificate but Sparks always reply with an empty certificate (what I understand as it is unable to find a proper certificate to send) so connection is aborted by server with a “bad certificate” alert.
I’ve tried many combinations of keystore formats, password, path, jre version, language (my OS is spanish version), w/o chain certs. Spark just behaves the same. I really doubt PKI configuration tab is use at all.
Now I’m quite desperated. I think it would be wonderful if someone could give me a clue about how Spark works on this.
Thanks in advance.
It might be that PKI tab never actually worked in Spark. It is planned to remove it for 2.9.0 as it is replaced with other stuff. SPARK-1990 Not sure when 2.9.0 will be released. You can try the latest builds though https://www.igniterealtime.org/downloads/nightly_spark.jsp
Ok. Thanks for your help.
I feel a little disappointed about PKI support being just a kind of not accomplished promise…