I am trying tpo find additional information on S2S communication and what that provides once setup. I stumbled upon Server federation in Openfire 3.6.0 but that links to an old how-to that I believe is not correct anymore.
Where can I find the latest information about openfire federation? Thank you.
Exactly what kind of information are you looking for, and for what purpose? Openfire implements the XMPP specifications for server-to-server communication,
I am trying to understand what I gain when I setup server to server federation overall and what I should be seeing on my servers when its setup.
I setup server to server comms but not sure what I should be seeing from a Spark client perspective. If I run “netstat -nap | grep 5269” on both my servers, I see they are both listening on that port. Both servers can perform dns lookups on each other and no firewalls between (same lane with firewalld disabled).
I guess I am confused by what I am gaining when I connect the hosts via server to server comms on port 5269 compared to what I get without.
I also attempted to disable STARTTLS under S2S optiopns on both ends but I kept getting errors in the servers logs of:
TLS requested by initiator when TLS was never offered by server. Closing connection : org.jivesoftware.openfire.net.SocketConnection@2af045a5 socket: Socket[addr=/192.168.1.84,port=43302,localport=5269] session: LocalIncomingServerSession{address=server1.my.domain.name/bskgql3ik, streamID=bskgql3ik, status=-1 (closed), isSecure=false, isDetached=false, isUsingServerDialback=true, localDomain=server1.my.domain.name, defaultIdentity=server2.my.domain.name, validatedDomains={}}
Leaving the STARTTLS policy to optional and Disabling mutual authentication/Allow peer-certificat to be self signed still causes the following errors in the logs:
Unable to validate domain: An exception occurred while verifying the dialback key.
java.io.EOFException: input contained no data
I have tried just about all combos of disbling auth for S2S and setting it up as optional (plus allowing all ciphers) to no luck. Still get ssl errors regardless.
When setting 5269 to STARTTLS policy to disabled I get the following error as well:
Unable to verify key: Got error instead of proceed for starttls
I found a bug you fixed regarding S2S communication that is on your nightly: S2S Plain-Text Connection - #2 by LoPard
Going to close this ticket and install the nightly build. will reopen a thread on that version with errors if it still occurs. Thank you!
As for S2S documentation, I found the following: Server To Server HowTo's