
Wildfire 2.4.4 and certificates from Starfield Tech CA

I rent a server from GoDaddy to host a test Wildfire 2.4.4 server on (planning to upgrade to 2.5.0) and have acquired a certificate from their Certificate Authority, Starfield Secure Certification Authority, OU=http://www.starfieldtech.com. I have followed the instructions outlined in the documentation and installed both the cacert and the cert provided me.

I have removed all other certs from the keystore so that only the CA cert is used. However, now I cannot access anything on the Wildfire admin console or with an IM client securely. I can access the Wildfire console IF I go through port 9090.

I need to be able to provide valid, CA-signed certificates. If Starfield is incompatible in some way, shape or form, can anybody point me to a non-VeriSign CA? (Can't really afford their prices.)

Does anybody have a CA-signed cert that they are using that could help me figure out my problems? I would like to roll out a production server soon but this is a roadblock.

Any errors in the logs that might provide a clue about what's going on? Also, the following document might help:

http://www.jivesoftware.org/community/entry!default.jspa?externalID=492

Regards,

Matt

Well, still no go. Here is what I have (when I run Wildfire with the signed certificate). First, it seems to create a CRAZY large admin-console.log file (this is bad because it makes me have to reboot afterwards because it fills my disk quota).

$ ls -l

total 9504287

-rw-rw-r-- 1 jive jive 9708332658 Feb 20 18:23 admin-console.log

This is filled with:

17:00:10.582 WARN!! [SunJsseListener1-1] org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:590) >11> /server-stopped.jsp:

java.lang.NullPointerException

at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:57)

at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:813)

at org.jivesoftware.util.LocaleFilter.doFilter(LocaleFilter.java:43)

at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:813)

at org.jivesoftware.util.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:41)

at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:813)

at org.jivesoftware.admin.AuthCheckFilter.doFilter(AuthCheckFilter.java:98)

at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:813)

at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:494)

at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:569)

at org.mortbay.http.HttpContext.handle(HttpContext.java:1482)

My error.log is filled with:

2006.02.20 18:20:45 org.jivesoftware.wildfire.net.SocketReader.negotiateTLS(SocketReader.java:680) Error while negotiating TLS

javax.net.ssl.SSLHandshakeException: no cipher suites in common

at com.sun.net.ssl.internal.ssl.Handshaker.checkThrown(Unknown Source)

at com.sun.net.ssl.internal.ssl.SSLEngineImpl.writeAppRecord(Unknown Source)

at com.sun.net.ssl.internal.ssl.SSLEngineImpl.wrap(Unknown Source)

at org.jivesoftware.wildfire.net.TLSStreamHandler.doHandshake(TLSStreamHandler.java:320)

at org.jivesoftware.wildfire.net.TLSStreamHandler.<init>(TLSStreamHandler.java:206)

at org.jivesoftware.wildfire.net.SocketConnection.startTLS(SocketConnection.java:150)

at org.jivesoftware.wildfire.net.SocketReader.negotiateTLS(SocketReader.java:677)

at org.jivesoftware.wildfire.net.SocketReader.readStream(SocketReader.java:266)

at org.jivesoftware.wildfire.net.SocketReader.run(SocketReader.java:119)

at java.lang.Thread.run(Unknown Source)

Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in common

at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)

at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(Unknown Source)

at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)

at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)

at com.sun.net.ssl.internal.ssl.ServerHandshaker.chooseCipherSuite(Unknown Source)

at com.sun.net.ssl.internal.ssl.ServerHandshaker.clientHello(Unknown Source)

at com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(Unknown Source)

at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)

at com.sun.net.ssl.internal.ssl.Handshaker$1.run(Unknown Source)

at java.security.AccessController.doPrivileged(Native Method)

at com.sun.net.ssl.internal.ssl.Handshaker$DelegatedTask.run(Unknown Source)

at org.jivesoftware.wildfire.net.TLSStreamHandler.doTasks(TLSStreamHandler.java:371)

at org.jivesoftware.wildfire.net.TLSStreamHandler.doHandshake(TLSStreamHandler.java:281)

… 6 more

2006.02.20 18:20:45 org.jivesoftware.wildfire.net.SocketReader.run(SocketReader.java:159) Connection closed before session established

Socket[addr=/69.137.116.44,port=1832,localport=5222]

I have also updated my truststore with Starfield's certificate.

Any thoughts on this, or has anybody been able to get their CA certs to work that could help walk me through what they did? I suspect I am missing some step or something like that.
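
Added example, not part of the thread or of Wildfire: a JSSE server commonly reports `no cipher suites in common` when its keystore holds no private-key entry, so this check classifies the entries in `keytool -list -v` output. The function names, aliases and sample listings are constructed for illustration, and the parser assumes the standard `Alias name:` / `Entry type:` / `Owner:` / `Issuer:` lines.

```shell
# Added example: classify entries in `keytool -list -v` output read on stdin.
check_keystore() {
  awk '
    function report() {
      if (alias == "") return
      if (type != "key")        verdict = "INFO trusted certificate only"
      else if (chain > 1)       verdict = "OK key entry with CA chain"
      else if (owner == issuer) verdict = "WARN self-signed key entry, CA reply not imported"
      else                      verdict = "WARN key entry without issuer chain"
      if (type == "key") keys++
      print alias ": " verdict
    }
    /^Alias name: / { report(); alias = substr($0, 13); type = ""; chain = 0; owner = ""; issuer = "" }
    /^Entry type: (PrivateKeyEntry|keyEntry)/ { type = "key" }   # keyEntry: older JDKs
    /^Certificate chain length: / { chain = $4 + 0 }
    /^Owner: /  && owner == ""  { owner = substr($0, 8) }    # first cert is the leaf
    /^Issuer: / && issuer == "" { issuer = substr($0, 9) }
    END {
      report()
      if (keys == 0) print "FAIL no private key entry: server cannot complete a TLS handshake"
    }'
}

# Constructed listing: keystore holding only a CA certificate.
sample_ca_only() {
  cat <<'EOF'
Alias name: starfield-ca
Entry type: trustedCertEntry
Owner: OU=Example Secure Certification Authority
Issuer: OU=Example Root Certification Authority
EOF
}
# Constructed listing: private key whose CA reply was imported under the same alias.
sample_with_key() {
  cat <<'EOF'
Alias name: im.example.org
Entry type: PrivateKeyEntry
Certificate chain length: 2
Certificate[1]:
Owner: CN=im.example.org
Issuer: OU=Example Secure Certification Authority
Certificate[2]:
Owner: OU=Example Secure Certification Authority
Issuer: OU=Example Root Certification Authority
EOF
}

sample_ca_only | check_keystore
sample_with_key | check_keystore
```

Against a real keystore, pipe the listing in: `keytool -list -v -keystore <path> | check_keystore`.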