Using tls in smack 4.3.4

eduardopsantos · August 19, 2020, 7:08pm

Does anyone know how to configure tls in smack 4.3.4 ?. I’m using Openfire as a server.

mtangoo · August 21, 2020, 6:57pm

What problem are you facing?

eduardopsantos · August 21, 2020, 7:17pm

Hi, in reality I am not sure how to configure the smack and the server. I saw something about keyStore in some discussion forums but I didn’t understand it well and some are from very old versions. I would like to know how to use the certificate in smack and configure everything. Unfortunately the documentation provided by smack is small and incomplete. I’m noob

mtangoo · August 21, 2020, 7:30pm

Can you post your code?

Also see: https://download.igniterealtime.org/smack/docs/latest/documentation/

eduardopsantos · August 21, 2020, 7:49pm

XMPPTCPConnectionConfiguration.Builder configBuilder = XMPPTCPConnectionConfiguration.builder();
configBuilder.setUsernameAndPassword("server1", "server1");
configBuilder.setXmppDomain("eduardo");
configBuilder.setHost("localhost");
configBuilder.setSecurityMode(XMPPTCPConnectionConfiguration.SecurityMode.disabled);
configBuilder.setPort(5222);
AbstractXMPPConnection connection = new XMPPTCPConnection(configBuilder.build());
connection.connect();
connection.login();

There is the configuration part. Security is disabled for now

Paul_Schaub · August 21, 2020, 8:04pm

Why would you disable security???
OP is asking how to enable it! (Smack enables security by default, so if you have a valid certificate on your server you are good to go out of the box!)

Also you don’t have to specify the port manually, as Smack uses 5222 by default.

eduardopsantos · August 21, 2020, 8:28pm

Exception in thread "main" org.jivesoftware.smack.SmackException: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Great, now you’re asking for the certificate. So, there is no need to configure anything else in smack?. Is it only necessary to assign the certificate on the server? Do you have any idea how you do it in openfire or ejjaberd?

Paul_Schaub · August 21, 2020, 10:46pm

https://bfy.tw/OqPu

eduardopsantos · August 21, 2020, 11:15pm

Great idea

mtangoo · August 22, 2020, 5:12pm

One of the simple way is to use Let us Encrypt, if you do not have a certificate bought from CA

system · November 30, 2020, 5:12pm

This topic was automatically closed 100 days after the last reply. New replies are no longer allowed.