Problem with deploying certificates on Tigase server (#387)

Activities

Harish Raut opened 1 decade ago

Hi,

We are trying to setup a certificate on the tigase server we installed with the basic configuration. We get errors when we try to use any other certificate except the default self-signed certificate.

We have tried with several different ones like with startssl, cacerts, etc. And followed the documentation on tigase website, including setting the root certs as described.

We get the following logs when we start the tigase server,

2014-11-05 07:20:05.526 [main]             SSLContextContainer.init()         WARNING:  Cannot load certficate from file: certs/aperir.net.pem
java.lang.ArrayIndexOutOfBoundsException: 4554
	at tigase.util.Base64.decode(Base64.java:57)
	at tigase.cert.CertificateUtil.parseCertificate(CertificateUtil.java:621)
	at tigase.cert.CertificateUtil.loadCertificate(CertificateUtil.java:473)
	at tigase.io.SSLContextContainer.init(SSLContextContainer.java:405)
	at tigase.io.TLSUtil.configureSSLContext(TLSUtil.java:89)
	at tigase.conf.ConfiguratorAbstract.setProperties(ConfiguratorAbstract.java:815)
	at tigase.conf.ConfiguratorAbstract.setup(ConfiguratorAbstract.java:550)
	at tigase.conf.ConfiguratorAbstract.componentAdded(ConfiguratorAbstract.java:182)
	at tigase.conf.Configurator.componentAdded(Configurator.java:50)
	at tigase.conf.Configurator.componentAdded(Configurator.java:33)
	at tigase.server.AbstractComponentRegistrator.addComponent(AbstractComponentRegistrator.java:115)
	at tigase.server.MessageRouter.addRegistrator(MessageRouter.java:141)
	at tigase.server.MessageRouter.setConfig(MessageRouter.java:696)
	at tigase.server.XMPPServer.start(XMPPServer.java:142)
	at tigase.server.XMPPServer.main(XMPPServer.java:112)
2014-11-05 07:20:05.901 [Thread-1]         SSLContextContainer.loadTrustedCerts()  WARNING: Problem loading certificate from file: /etc/ssl/certs/aperir.net.pem
2014-11-05 07:20:06.112 [main]             SimpleCache.<init>()               WARNING:  Tigase cache turned off.
Jid vhost-manager;
2014-11-05 07:20:07.112 [main]             VHostManager.setProperties()       WARNING:  {im.aperir.net=Domain: im.aperir.net, enabled: true, anonym: false, register: true, maxusers: 0, tls: false, s2sSecret: null, domainFilter: ALL}

As well as when we run the following command then we get the exception like,

#java -cp jars/tigase-server.jar tigase.cert.CertificateUtil --load-cert certs/aperir.net.pem
Exception in thread "main" java.lang.ArrayIndexOutOfBoundsException: 4554
	at tigase.util.Base64.decode(Base64.java:57)
	at tigase.cert.CertificateUtil.parseCertificate(CertificateUtil.java:621)
	at tigase.cert.CertificateUtil.loadCertificate(CertificateUtil.java:473)
	at tigase.cert.CertificateUtil.loadCertificate(CertificateUtil.java:493)
	at tigase.cert.CertificateUtil.main(CertificateUtil.java:556)

Anyone has solution on this ? Please get me out from this issue.

Thanks in advance.

wojciech.kapcia@tigase.net commented 1 decade ago

First of all - for general questions please use forums instead of reporting issues/bugs.

As for the issue - we used both startssl and cacerts without any problems. Make sure you have correct files (including all intermediate!) and that you can verify file using openssl utility.

Type	Bug
Priority	Blocker
Assignee	Harish Raut
RedmineID	2436

Duplicate

#386 Won't Fix

Cannot load certficate from file: certs/mydomain.com.pem

Issue Votes (0)

Watchers (0)

Reference

tigase/_server/server-core#387