powered by Jive Software

SSL woes

OK, I got Active Directory integration working (thank you so much) but I couldn’'t get SSL working with a new certificate.

I downloaded the nightly build from 02/02/05 and deleted my old keystore and truststore in case they were messsed up and restored the original files.

With the original files SSL works, but when I run through the instructions in the SSL Guide, it fails every time.

Reading through the SSL Guide if I want to use a self-signed certificate I really only need to do 3 things for ssl to work

  1. change the password on the keystore

  2. keytool -genkey -keystore keystore -alias example.com (where example.com = xmpp.domain)

  3. add the xmpp.socket.ssl.keypass entry with the new password

Correct?

Even going through this minimum amount of steps, it still fails and can’‘t start SSL. Is there something I’'m missing?

Are there any error messages that might indicate what is going wrong?

Regards,

Matt

Sorry for the long response time, but I went on vacation a day after I posted the question.

I think the problem has to do with the keystore and the jave environment on the machine. No matter how many times I regenerate the keystore password or whatever I get the following problem at the SSL initialiazation:

java.io.IOException: Keystore was tampered with, or password was incorrect

at sun.security.provider.JavaKeyStore.engineLoad(Unknown Source)

at java.security.KeyStore.load(Unknown Source)

at org.jivesoftware.messenger.net.SSLConfig.(SSLConfig.java:69)

at org.jivesoftware.messenger.net.SSLSocketAcceptThread.(SSLSocketAcceptThre ad.java:93)

at org.jivesoftware.messenger.spi.ConnectionManagerImpl.createSocket(ConnectionMan agerImpl.java:73)

at org.jivesoftware.messenger.spi.ConnectionManagerImpl.start(ConnectionManagerImp l.java:148)

at org.jivesoftware.messenger.XMPPServer.startModules(XMPPServer.java:309)

at org.jivesoftware.messenger.XMPPServer.start(XMPPServer.java:198)

at org.jivesoftware.messenger.XMPPServer.(XMPPServer.java:116)