SSL issues with Wildfire 3.1.1 / Spark 2.0.7

I am setting up a new Wildfire server to replace an old one that is outdated.

I have Wildfire 3.1.1 installed on Fedora Core 5, and Spark 2.0.7 running on my XP workstation for preliminary testing.

All of our employees use the IM Server for inter-office communications, and we have the server on a public IP for connections from home as well.

SSL is to be on port 443.

I can connect to the server under the following circumstances:

If I check “Use old SSL port method” it connects just fine.

If I uncheck “Use old SSL port method”, the only way it will connect is if I select the “Automatically discover host and port”, and when it does connect, it uses port 5222 which is not the secure port.

Is there any way to not have to use the “Old Port Method”, and to get it to connect to the SSL port that is specified?

Message was edited by: Brennan

Hey Brennan,

It seems that we need to improve the description of the ports.

The port 5222 (default port for client-to-server) can be used for plain and secured connections. Moreover, from the admin console you can specify if only secured connections are allowed on that port. This is how it works: clients connect to that port and the server will advertise its capabilities so clients can choose which ones should be used. Among the advertised capabilities you may find startTLS as optional, required or may not find it at all depending on your Wildfire configuration. If you make startTLS required then ALL clients must encrypt their connections or otherwise Wildfire will close the connection.

On the other hand, port 5223 (the non XMPP standard port - and soon to be deprecated) is a very old method of connection that just starts the connection using encryption. This method is not XMPP compliant and will soon be deprecated.

Regards,

– Gato
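Added example, not part of the original thread and not Wildfire or Spark code: a small Python check that reads what a server advertises on port 5222 and reports whether startTLS is required, optional or absent, as described in the reply above. The host name `im.example.com`, the sample replies and the function names are constructed for illustration, and `probe` assumes the XMPP domain is the same as the host you connect to.

```python
import re
import socket
import xml.etree.ElementTree as ET

NS_STREAM = "http://etherx.jabber.org/streams"
NS_TLS = "urn:ietf:params:xml:ns:xmpp-tls"

def classify_starttls(stream_data):
    """Return 'required', 'optional' or 'absent' for the STARTTLS feature
    in the first complete <stream:features> element the server sent."""
    text = stream_data.decode("utf-8", "replace")
    m = re.search(r"<stream:features[^>]*>.*?</stream:features>", text, re.S)
    if m is None:
        raise ValueError("no complete <stream:features> element received")
    # The outer <stream:stream> is still open, so parse the fragment inside a
    # wrapper element that re-declares the stream prefix.
    root = ET.fromstring('<w xmlns:stream="%s">%s</w>' % (NS_STREAM, m.group(0)))
    starttls = root.find(".//{%s}starttls" % NS_TLS)
    if starttls is None:
        return "absent"
    if starttls.find("{%s}required" % NS_TLS) is not None:
        return "required"
    return "optional"

def probe(host, port=5222, timeout=5.0):
    """Connect in the clear, send a stream header and classify the reply.
    Assumption: the XMPP domain equals the host name being connected to."""
    header = ("<?xml version='1.0'?><stream:stream to='%s' version='1.0' "
              "xmlns='jabber:client' xmlns:stream='%s'>" % (host, NS_STREAM))
    data = b""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(header.encode("utf-8"))
        while b"</stream:features>" not in data:
            chunk = sock.recv(4096)
            if not chunk:
                break
            data += chunk
    return classify_starttls(data)

# Constructed sample replies (not captured from a real server).
_OPEN = ("<?xml version='1.0'?><stream:stream xmlns='jabber:client' "
         "xmlns:stream='%s' from='im.example.com' id='c0ffee' version='1.0'>" % NS_STREAM)
_SASL = ("<mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>"
         "<mechanism>PLAIN</mechanism></mechanisms>")
_TLS = "<starttls xmlns='%s'>%%s</starttls>" % NS_TLS
SAMPLES = {
    "required": (_OPEN + "<stream:features>" + _TLS % "<required/>" + _SASL + "</stream:features>").encode(),
    "optional": (_OPEN + "<stream:features>" + _TLS % "" + _SASL + "</stream:features>").encode(),
    "absent": (_OPEN + "<stream:features>" + _SASL + "</stream:features>").encode(),
}
```

Running `probe("im.example.com")` against your own server after changing the client connection security setting in the admin console shows which of the three states clients will actually see.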

This is all well and good, however, like I stated previously, Spark will only connect if the Automatically detect checkbox is checked, or if I check the option to use the old SSL port method.

That's fine that the Old port method is being removed and such, however, I'd like the client to connect without having to “automatically search”.

I'm assuming it's a configuration issue on my end, but I need some direction on where to look.

Thanks for your help,

Brennan