Hello,
I have recently installed two Openfire servers (3.6.4 Windows) on two different Active Directory domains, each with its own CA. I have entered the FQDN of the server as the name of the Openfire server in the console.
I have taken the default self-signed certificates generated during the installation and signed them with the CA of the domain. After that I imported the signed certificates in the console, and in the certificates tab I can see a green checkbox and also the “ca signed” message.
I have registered the certificates of the two CAs in the truststore and the client.truststore.
The connection between the two Openfire servers works only when I configure the “Server connection security” parameter (in security settings) to the “optional” value. As soon as I configured it to the “required” value, the connection failed and I have the following entries in the debug logs:
(For confidentiality reasons I have replaced the host values with openfire, openfire2 and the domain names with A.B.C.D and E.F.G.H)
2010.05.25 12:11:06 LdapManager: Starting LDAP search…
2010.05.25 12:11:06 LdapManager: … search finished
2010.05.25 12:11:06 LdapManager: Creating a DirContext in LdapManager.getContext()…
2010.05.25 12:11:06 LdapManager: Created hashtable with context values, attempting to create context…
2010.05.25 12:11:06 LdapManager: … context created successfully, returning.
2010.05.25 12:12:12 ConnectionHandler:
java.io.IOException: An existing connection was forcibly closed by the remote host
at sun.nio.ch.SocketDispatcher.read0(Native Method)
at sun.nio.ch.SocketDispatcher.read(Unknown Source)
at sun.nio.ch.IOUtil.readIntoNativeBuffer(Unknown Source)
at sun.nio.ch.IOUtil.read(Unknown Source)
at sun.nio.ch.SocketChannelImpl.read(Unknown Source)
at org.apache.mina.transport.socket.nio.SocketIoProcessor.read(SocketIoProcessor.java:218)
at org.apache.mina.transport.socket.nio.SocketIoProcessor.process(SocketIoProcessor.java:198)
at org.apache.mina.transport.socket.nio.SocketIoProcessor.access$400(SocketIoProcessor.java:45)
at org.apache.mina.transport.socket.nio.SocketIoProcessor$Worker.run(SocketIoProcessor.java:485)
at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
2010.05.25 12:12:12 LocalOutgoingServerSession: OS - Trying to connect to openfire2.E.F.G.H:5269(DNS lookup: openfire2.E.F.G.H:5269)
2010.05.25 12:12:12 LocalOutgoingServerSession: OS - Plain connection to openfire2.E.F.G.H:5269 successful
2010.05.25 12:12:12 LocalOutgoingServerSession: OS - Indicating we want TLS to openfire2.E.F.G.H
2010.05.25 12:12:12 LocalOutgoingServerSession: OS - Negotiating TLS with openfire2.E.F.G.H
2010.05.25 12:12:12 LocalOutgoingServerSession: OS - TLS negotiation with openfire2.E.F.G.H was successful
2010.05.25 12:12:12 LocalOutgoingServerSession: OS - Stream compression was successful with openfire2.E.F.G.H
2010.05.25 12:12:12 LocalOutgoingServerSession: OS - Error, EXTERNAL SASL and SERVER DIALBACK were not offered by openfire2.E.F.G.H
2010.05.25 12:12:12 LocalOutgoingServerSession: OS - Trying to connect to E.F.G.H:5269(DNS lookup: openfire2.E.F.G.H:5269)
2010.05.25 12:12:12 LocalOutgoingServerSession: OS - Plain connection to E.F.G.H:5269 successful
2010.05.25 12:12:18 NIOConnection: startTLS: using c2s
2010.05.25 12:12:20 LdapManager: Trying to find a user’s DN based on their username. sAMAccountName: administrator, Base DN: DC=“A”,DC=“B”,DC=“C”,DC=“D”…
2010.05.25 12:12:20 LdapManager: Creating a DirContext in LdapManager.getContext()…
2010.05.25 12:12:20 LdapManager: Created hashtable with context values, attempting to create context…
2010.05.25 12:12:20 LdapManager: … context created successfully, returning.
2010.05.25 12:12:20 LdapManager: Starting LDAP search…
2010.05.25 12:12:20 LdapManager: … search finished
2010.05.25 12:12:20 LdapManager: In LdapManager.checkAuthentication(userDN, password), userDN is: CN=“Administrator”,CN=“Users”…
2010.05.25 12:12:20 LdapManager: Created context values, attempting to create context…
2010.05.25 12:12:20 LdapManager: … context created successfully, returning.
2010.05.25 12:12:42 LocalOutgoingServerSession: OS - Trying to connect to E.F.G.H:5269(DNS lookup: E.F.G.H:5269)
2010.05.25 12:13:24 LocalOutgoingServerSession: OS - Trying to connect to G.H:5269(DNS lookup: G.H:5269)
2010.05.25 12:13:39 OutgoingSessionPromise: Error sending packet to remote server:
java.lang.Exception: Failed to create connection to remote server
at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.sendPacket(OutgoingSessionPromise.java:252)
at org.jivesoftware.openfire.server.OutgoingSessionPromise$PacketsProcessor.run(OutgoingSessionPromise.java:216)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
2010.05.25 12:13:39 OutgoingSessionPromise: Error sending packet to remote server (fast discard):
Is there someone who can help me, please?
Thanks.
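
Added example (not part of the original post): a small Python triage script that groups the LocalOutgoingServerSession debug lines quoted above into one record per outgoing server-to-server attempt and reports the last stage each attempt reached. The function name and stage labels are this example's own; the sample lines are copied from the log in the post.

```python
import re

# Lines copied from the debug log in the post (hosts already anonymised there).
SAMPLE_LOG = """\
2010.05.25 12:12:12 LocalOutgoingServerSession: OS - Trying to connect to openfire2.E.F.G.H:5269(DNS lookup: openfire2.E.F.G.H:5269)
2010.05.25 12:12:12 LocalOutgoingServerSession: OS - Plain connection to openfire2.E.F.G.H:5269 successful
2010.05.25 12:12:12 LocalOutgoingServerSession: OS - Indicating we want TLS to openfire2.E.F.G.H
2010.05.25 12:12:12 LocalOutgoingServerSession: OS - Negotiating TLS with openfire2.E.F.G.H
2010.05.25 12:12:12 LocalOutgoingServerSession: OS - TLS negotiation with openfire2.E.F.G.H was successful
2010.05.25 12:12:12 LocalOutgoingServerSession: OS - Stream compression was successful with openfire2.E.F.G.H
2010.05.25 12:12:12 LocalOutgoingServerSession: OS - Error, EXTERNAL SASL and SERVER DIALBACK were not offered by openfire2.E.F.G.H
2010.05.25 12:12:12 LocalOutgoingServerSession: OS - Trying to connect to E.F.G.H:5269(DNS lookup: openfire2.E.F.G.H:5269)
2010.05.25 12:12:12 LocalOutgoingServerSession: OS - Plain connection to E.F.G.H:5269 successful
2010.05.25 12:13:24 LocalOutgoingServerSession: OS - Trying to connect to G.H:5269(DNS lookup: G.H:5269)
"""

LINE = re.compile(r"^(\S+ \S+) LocalOutgoingServerSession: OS - (.*)$")
TRY = re.compile(r"Trying to connect to (\S+?):\d+\(DNS lookup: (\S+?):\d+\)")
# Message prefix -> stage label (the labels are this example's own names).
STAGES = [("Plain connection to", "tcp-connected"),
          ("Indicating we want TLS", "starttls-requested"),
          ("Negotiating TLS", "tls-handshake"),
          ("TLS negotiation with", "tls-established"),
          ("Stream compression was successful", "compressed"),
          ("Error,", "error")]

def summarize_attempts(log_text):
    attempts = []  # one dict per "Trying to connect" line, in log order
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # LdapManager lines, stack traces, etc.
        ts, msg = m.groups()
        t = TRY.search(msg)
        if t:
            attempts.append({"time": ts, "domain": t.group(1), "resolved": t.group(2),
                             "stage": "attempt-only", "error": None})
        elif attempts:
            for prefix, label in STAGES:
                if msg.startswith(prefix):
                    attempts[-1]["stage"] = label  # keep the latest stage seen
                    if label == "error":
                        attempts[-1]["error"] = msg
                    break
    return attempts

if __name__ == "__main__":
    for a in summarize_attempts(SAMPLE_LOG):
        print(a["time"], a["domain"], "->", a["resolved"], a["stage"], a["error"] or "")
```

On the sample lines, the first attempt records its error only after the TLS negotiation and stream compression lines, so the summary separates "TLS was negotiated" from "no authentication mechanism was offered afterwards".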