Hello,
I've been using previous versions of Openfire to connect to other Openfire servers as well as to a jabber.org server without any issues. However, once I upgraded from Openfire version 3.10.2 to 4.0.1, I ran into some problems. The two Openfire servers I upgraded were unable to authenticate to the jabber.org server. Under "server sessions", it only showed an incoming session stream from jabber.org, but no outgoing sessions. Here is what the log showed:
2016.02.12 20:11:40 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Create outgoing session for: our-domain.net to jabber.org] - Unable to create a new session: exhausted all options (not trying dialback as a fallback, as server dialback is disabled by configuration.
2016.02.12 20:11:40 org.jivesoftware.openfire.session.LocalOutgoingServerSession[Authenticate local domain: 'our-domain.net' to remote domain: 'jabber.org'] - Unable to authenticate: Fail to create new session.
2016.02.12 20:12:27 org.jivesoftware.openfire.spi.LegacyConnectionAcceptor - Configuration allows for up to 16 threads, although implementation is limited to exactly one.
Here is what is displayed under "server sessions":
Remote Server Connections Details
Below are details about the sessions with the remote server .
Remote Server Connections Details | |
Connection | Incoming |
Remote server |
|
Incoming Session Details
Stream ID | Authentication | Cipher Suite | Creation Date | Last Activity | Packets RX | Packets TX | |
aw5s84p3tb | Dialback | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 | 7:55 PM | 7:55 PM | 1 | 0 | |
Both Openfire servers are configured to use self-signed certificates. I have the following parameters configured:
xmpp.server.cert.policy = disabled
xmpp.server.certificate.accept-self = true
xmpp.server.certificate.verify = false
xmpp.server.dialback.enabled = false
xmpp.server.tls.enabled = true
xmpp.server.tls.policy = optional
xmpp.socket.ssl.active = true
xmpp.socket.ssl.certificate.accept = true
xmpp.socket.ssl.certificate.verify = false
Cipher suites and protocols are left at their defaults. When I sign into my jabber.org account using Spark, I am unable to see any users on the Openfire servers and they are unable to see me. If I switch back to Openfire version 3.10.2, then bidirectional communication between the Openfire servers and jabber.org works just fine. Clearly, something has changed in the S2S code between those versions. Is anyone else having this issue or is it just me? ;-(
Any help is greatly appreciated. Thank you all!
Michael