Projects tigase _server server-core Issues #1466
Bosh using https? (#1466)
Open
Unknown opened 3 years ago

I have a problem with bosh https I cannot open bosh connection: https://192.168.8.32:18090/xmpp-httpbind stroph.js reports: ERR_CONNECTION_CLOSED but when using http (http://192.168.8.32:8090/xmpp-httpbind) it works.

how can i config bosh using https?

Details (please complete the following information):

  • Tigase version: 8.1.0
  • JVM flavour and version AdoptOpenJDK11
  • Operating system/distribution/version windows server 2012

config.tdsl bosh part:

bosh {
    connections {
        ports = [ 8090, 18090 ]
        /** NOT ok */
        18090(){
            socket = 'ssl'
        }
        /* ok */
        8090(){

        }
    }
    seeOtherHost {}
}

/** all ok **/
httpServer {
    connections {
        8080 (active: false) {}
        18092 () {
            domain = '192.168.8.32'
            socket = 'ssl'
        }
        8092() {
        }
    }
}
Unknown commented 3 years ago

stroph.js reports: ERR_CONNECTION_CLOSED

Can you share more details regarding the error?

Do you have correct certificate for the domain?

Unknown commented 3 years ago

certificate is this? certs/192.168.8.32.pem.(tigase auto created )

when visit https://192.168.8.32:18092/index.html, the browser warning me it's a not safe site but can click continue to visit. all https REST interface works ok.

but only the BOSH API can't connect. I'm using strophe.js .
but when using http it works ok. ports as list above.

Unknown commented 3 years ago

certificate is this? certs/192.168.8.32.pem.(tigase auto created )

when visit https://192.168.8.32:18092/index.html, the browser warning me it's a not safe site but can click continue to visit. all https REST interface works ok.

but only the BOSH API can't connect. I'm using strophe.js .
but when using http it works ok. ports as list above.

Unknown commented 3 years ago

when visit https://192.168.8.32:18092/index.html, the browser warning me it's a not safe site but can click continue to visit. all https REST interface works ok.

but only the BOSH API can't connect. I'm using strophe.js .

Quite possibly strophe.js blocks the connection because certificate is self-signed (i.e. those aren't trusted by default).

Unknown commented 3 years ago

Yesterday, I bought a commercial certificate(based on IP, not domain). and all SSL ports are OK except BOSH。 I confirmed i have a config problem on bosh. But what's a perfect config?

 bosh {
    connections {
        ports = [ 8090, 18090 ]
        /** NOT ok */
        18090(){
            socket = 'ssl'
        }
        /* ok */
        8090(){

        }
    }
    seeOtherHost {}
}
Unknown commented 3 years ago

You don't have to buy the certificate - you can use Let's Encrypt.

You can/should remove ports = [ 8090, 18090 ] line.

Yes, the configuration is correct. I just tested it and it worked just fine: Captura de pantalla 2022-03-04 a las 14 09 18

Unknown commented 3 years ago

Thank you for your testing! It's ok now.
the reason i thought bosh is base on domain, can't visit by IP .

issue 1 of 1
Type
Question
Issue Votes (0)
Watchers (0)
Reference
tigase/_server/server-core#1466
Please wait...
Page is in error, reload to recover