Bosh using https? (#1466)

Unknown opened 3 years ago

I have a problem with bosh https I cannot open bosh connection: https://192.168.8.32:18090/xmpp-httpbind stroph.js reports: ERR_CONNECTION_CLOSED but when using http (http://192.168.8.32:8090/xmpp-httpbind) it works.

how can i config bosh using https?

Details (please complete the following information):

Tigase version: 8.1.0
JVM flavour and version AdoptOpenJDK11
Operating system/distribution/version windows server 2012

config.tdsl bosh part:

bosh {
    connections {
        ports = [ 8090, 18090 ]
        /** NOT ok */
        18090(){
            socket = 'ssl'
        }
        /* ok */
        8090(){

        }
    }
    seeOtherHost {}
}

/** all ok **/
httpServer {
    connections {
        8080 (active: false) {}
        18092 () {
            domain = '192.168.8.32'
            socket = 'ssl'
        }
        8092() {
        }
    }
}

Unknown commented 3 years ago

stroph.js reports: ERR_CONNECTION_CLOSED

Can you share more details regarding the error?

Do you have correct certificate for the domain?

Unknown commented 3 years ago

certificate is this? certs/192.168.8.32.pem.(tigase auto created )

when visit https://192.168.8.32:18092/index.html, the browser warning me it's a not safe site but can click continue to visit. all https REST interface works ok.

but only the BOSH API can't connect. I'm using strophe.js .
but when using http it works ok. ports as list above.

Unknown commented 3 years ago

certificate is this? certs/192.168.8.32.pem.(tigase auto created )

when visit https://192.168.8.32:18092/index.html, the browser warning me it's a not safe site but can click continue to visit. all https REST interface works ok.

but only the BOSH API can't connect. I'm using strophe.js .
but when using http it works ok. ports as list above.

Unknown commented 3 years ago

when visit https://192.168.8.32:18092/index.html, the browser warning me it's a not safe site but can click continue to visit. all https REST interface works ok.

but only the BOSH API can't connect. I'm using strophe.js .

Quite possibly strophe.js blocks the connection because certificate is self-signed (i.e. those aren't trusted by default).

Unknown commented 3 years ago

Yesterday, I bought a commercial certificate(based on IP, not domain). and all SSL ports are OK except BOSH。 I confirmed i have a config problem on bosh. But what's a perfect config?

 bosh {
    connections {
        ports = [ 8090, 18090 ]
        /** NOT ok */
        18090(){
            socket = 'ssl'
        }
        /* ok */
        8090(){

        }
    }
    seeOtherHost {}
}

Unknown commented 3 years ago

You don't have to buy the certificate - you can use Let's Encrypt.

You can/should remove ports = [ 8090, 18090 ] line.

Yes, the configuration is correct. I just tested it and it worked just fine: Captura de pantalla 2022-03-04 a las 14 09 18

Unknown commented 3 years ago

Thank you for your testing! It's ok now.
the reason i thought bosh is base on domain, can't visit by IP .

	Unknown opened 3 years ago I have a problem with bosh https I cannot open bosh connection: https://192.168.8.32:18090/xmpp-httpbind stroph.js reports: ERR_CONNECTION_CLOSED but when using http (http://192.168.8.32:8090/xmpp-httpbind) it works. how can i config bosh using https? Details (please complete the following information): Tigase version: 8.1.0 JVM flavour and version AdoptOpenJDK11 Operating system/distribution/version windows server 2012 config.tdsl bosh part: `bosh { connections { ports = [ 8090, 18090 ] /** NOT ok / 18090(){ socket = 'ssl' } / ok / 8090(){ } } seeOtherHost {} } /* all ok **/ httpServer { connections { 8080 (active: false) {} 18092 () { domain = '192.168.8.32' socket = 'ssl' } 8092() { } } }`
	Unknown commented 3 years ago stroph.js reports: ERR_CONNECTION_CLOSED Can you share more details regarding the error? Do you have correct certificate for the domain?
	Unknown commented 3 years ago certificate is this? certs/192.168.8.32.pem.(tigase auto created ) when visit https://192.168.8.32:18092/index.html, the browser warning me it's a not safe site but can click continue to visit. all https REST interface works ok. but only the BOSH API can't connect. I'm using strophe.js . but when using http it works ok. ports as list above.
	Unknown commented 3 years ago certificate is this? certs/192.168.8.32.pem.(tigase auto created ) when visit https://192.168.8.32:18092/index.html, the browser warning me it's a not safe site but can click continue to visit. all https REST interface works ok. but only the BOSH API can't connect. I'm using strophe.js . but when using http it works ok. ports as list above.
	Unknown commented 3 years ago when visit https://192.168.8.32:18092/index.html, the browser warning me it's a not safe site but can click continue to visit. all https REST interface works ok. but only the BOSH API can't connect. I'm using strophe.js . Quite possibly strophe.js blocks the connection because certificate is self-signed (i.e. those aren't trusted by default).
	Unknown commented 3 years ago Yesterday, I bought a commercial certificate(based on IP, not domain). and all SSL ports are OK except BOSH。 I confirmed i have a config problem on bosh. But what's a perfect config? `bosh { connections { ports = [ 8090, 18090 ] /** NOT ok / 18090(){ socket = 'ssl' } / ok */ 8090(){ } } seeOtherHost {} }`
	Unknown commented 3 years ago You don't have to buy the certificate - you can use Let's Encrypt. You can/should remove `ports = [ 8090, 18090 ]` line. Yes, the configuration is correct. I just tested it and it worked just fine:
	Unknown commented 3 years ago Thank you for your testing! It's ok now. the reason i thought bosh is base on domain, can't visit by IP .