Upgrade from 3.10.3 to 4.0.0 completly messed up system


after doing an upgrade from 3.10.3 to 4.0.0 we encounter several problems:

The Keystore with the certificate used in 3.10.3 is no longer valid for 4.0.0, it screams around about missing certificates, also everything is in place and it can open the keystore. The certificate is available but it is not used to verify the server from the view of the client.

Next to it we get a lot of stanza errors related with http:///streams.

Finally all the modules/plugins we use are not working any longer, and also an upgrade to the newes version fails.

If you need a more detailed information for that case, please ask and we will provide you with as much information as needed to get help for the problems.



Also have the same issue with xmpp client-to-server certificate, however web https keystore is ok.

I have exactly the same issue.

I can connect to the admin console via https and see the store-content of the server federation stores (identity store) with the right certificates I added yesterday in V 3.10…

in the section “XMPP Client Stores” is the “Identity store” empty… no keystore

the other sections contain all the same keystore file of the secuirty folder. I checked the keypass-setting in the server properys and set it again… i belive there has to be a new setting for the “client keystore file” which points to the keyfile.

openfire loads and decrypts the keyfile because i can see all my keyfile details when clicking on Manage Store Contents of the other section.

I am using the Windows Version of openfire and upgraded today to 4.0.0…

please help us!! what should we do??

I did a update to 3.10 and have same issues here on Win2008R2 server. Plugins, etc… Ofmeet definitely breaks video feed. I rolled back to 3.10 until a update to 4.0 shows up. I will say that 4.0 is going in the right direction and can’t wait till some of these bugs are sorted! Thanks again for the developers hard work for the community.

Perhaps you try the steps of the Thread Re: Java KeyStore Path Missing for Bosh and XMPP

Add following settings:

xmpp.socket.ssl.client.keypas -> your password for the keystore

xmpp.socket.ssl.client.keystore -> the location of the keystore (for it is /usr/share/openfire/resources/security/keystore)

xmpp.socket.ssl.client.trustpass -> your passwort for the truststore

xmpp.socket.ssl.client.truststore -> the location of the truststore (for it is /usr/share/openfire/resources/security/truststore)

I could not try this today…

i will wait a few days because I read from a problem with messed up LDAP groups in OF4 - which we use also…

1 Like

Thx, that solved the Keystore-Issue so far… no ongoing for the next bugs we have, let’s see what happens with the stanza stream errors and the plugins…