Tigase Forge
Dashboards
Projects
Pull Requests
Issues
Builds
Packages
Code Search
server-core
Code
Pull Requests
Issues
List
Boards
Iterations
Timesheets
Builds
Packages
Statistics
Child Projects
OneDev 10.9.4
Documentation Support & Bug Report RESTful API Incompatibilities License Agreement Check Update
Projects tigase _server server-core Issues #615
Fail to register to tigase.me XMPP service (#615)
Won't Fix
Janice Leung opened 9 years ago

I try to add domain siuyinjanice.ddns.net to vhost-man through Psi client but it returns "The item did not pass validation checking."

FYI, I have already added SRV records (xmpp-client and xmpp-server).

Grateful if you can help to check the problem, thanks.

Janice Leung
Eric Dziewa commented 9 years ago

Janice we've added the domain for you. Your tigase.im XMPP account as admin.
Janice Leung commented 9 years ago

Hi Eric,

I use Kontalk client to login to siuyinjanice.ddns.net but failed to receive EXTERNAL SASL authentication mechanism from server. Here are log from the client:

12-27 09:06:55.687 D/SMACK   ( 1243): SENT (20): <stream:stream xmlns='jabber:client' to='siuyinjanice.ddns.net' xmlns:stream='http://etherx.jabber.org/streams' version='1.0' xml:lang='en'>

12-27 09:06:55.967 D/SMACK   ( 1243): RECV (20): <?xml version='1.0'?><stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' from='siuyinjanice.ddns.net' id='ba30847a-a8c0-4613-aa90-8df396a48786' version='1.0' xml:lang='en'>

12-27 09:06:56.447 D/SMACK   ( 1243): RECV (20): <stream:features><sm xmlns="urn:xmpp:sm:3"/><register xmlns="http://jabber.org/features/iq-register"/><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"/><ver xmlns="urn:xmpp:features:rosterver"/><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"><required/></starttls><compression xmlns="http://jabber.org/features/compress"><method>zlib</method></compression></stream:features>

12-27 09:06:56.447 D/SMACK   ( 1243): SENT (20): <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'></starttls>

12-27 09:06:56.727 D/SMACK   ( 1243): RECV (20): <proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>

12-27 09:06:57.795 D/SMACK   ( 1243): SENT (20): <stream:stream xmlns='jabber:client' to='siuyinjanice.ddns.net' xmlns:stream='http://etherx.jabber.org/streams' version='1.0' xml:lang='en'>

12-27 09:06:58.079 D/SMACK   ( 1243): RECV (20): <?xml version='1.0'?><stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' from='siuyinjanice.ddns.net' id='ba30847a-a8c0-4613-aa90-8df396a48786' version='1.0' xml:lang='en'>

12-27 09:06:58.551 D/SMACK   ( 1243): RECV (20): <

12-27 09:06:58.551 D/SMACK   ( 1243): RECV (20): stream:features><sm xmlns="urn:xmpp:sm:3"/><auth xmlns="http://jabber.org/features/iq-auth"/><register xmlns="http://jabber.org/features/iq-register"/><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>PLAIN</mechanism><mechanism>ANONYMOUS</mechanism></mechanisms><ver xmlns="urn:xmpp:features:rosterver"/><compression xmlns="http://jabber.org/features/compress"><method>zlib</method></compression></stream:features>

I am guessing it might be caused by the SSL certificate not properly installed in the server, here are my settings in init.properties:

c2s/clientCertCA=/root/tigase-server/certs/siuyinjanice.ddns.net.pem

FYI, I generate the certificate according to the tigase official guidelines: http://docs.tigase.org/tigase-server/snapshot/Administration_Guide/webhelp/_server_certificates.html, commands are as follows:

openssl req -nodes -new -newkey rsa:2048 -keyout siuyinjanice.ddns.net.key -out siuyinjanice.ddns.net.csr

openssl x509 -req -days 365 -in siuyinjanice.ddns.net.csr -signkey siuyinjanice.ddns.net.key -out siuyinjanice.ddns.net.crt

cat siuyinjanice.ddns.net.crt siuyinjanice.ddns.net.key > siuyinjanice.ddns.net.pem

Grateful if you could advise what are the possible problems. Thanks.

Janice
Andrzej Wójcik (Tigase) commented 9 years ago

I have a question about this "setup". You have domain siuyinjanice.ddns.net domain configured in DNS to be hosted by tigase.me servers, so I do not get why do you expect to have SASL EXTERNAL available as tigase.me servers are hosted on our hardware and in our configuration SASL EXTERNAL is not enabled?

Where do you have your server configured? is it installed locally? if so, is DNS configured to point to your server? (including SRV records for _xmpp-client._tcp) - as I checked DNS points to tigase.me servers.

Also which version of Tigase XMPP Server do you use? You set applicable version to 5.2.0 while you use documentation for snapshot version which is @7.1.0@!
Andrzej Wójcik (Tigase) commented 9 years ago

Also it would be good to keep single issue related to single question and for general questions about usage of Tigase XMPP Server (not bug) please use our forum.
Janice Leung commented 9 years ago

Hi Andrzej,

Thanks for your clarification. Yes, I want to use my local tigase xmpp server which DNS siuyinjanice.ddns.net is pointing to. I think i had misunderstanding about the tigase xmpp server settings before so wrongly asked Eric to add the domain for tigase.me service. Could you please remove the domain from the list so that I can use the xmpp service from my local server (correct me if I am wrong again)?

Many thanks to your support :)

Janice
Andrzej Wójcik (Tigase) commented 9 years ago

Yes, we should remove your domain from tigase.me service.

%eric could you remove added vhost for this domain @siuyinjanice.ddns.net@?

However you can use your server without this removal. As I see you already removed DNS SRV records for your domain which pointed to tigase.me server, which is good as now clients will connect to your domain hosted by your server.
issue 1 of 1
Type
Bug
Priority
Blocker
Assignee
Janice Leung
RedmineID
3789
Spent time
3h 45m
Issue Votes (0)
Login to vote
Watchers (0)
Reference
tigase/_server/server-core#615
Please wait...
Page is in error, reload to recover