[asterisk-dev] 1.6.0 jabber (client mode) SSL connection

Brendan Martens brendan.martens at crosscomm.net
Wed Oct 8 12:42:25 CDT 2008


Here is the debug output of the same issue ( I think? ) on an openfire  
server:

2008.10.08 12:40:18 ConnectionHandler:
javax.net.ssl.SSLHandshakeException: SSL handshake failed.
	at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:416)
	at  
org 
.apache 
.mina 
.common 
.support 
.AbstractIoFilterChain 
.callNextMessageReceived(AbstractIoFilterChain.java:299)
	at org.apache.mina.common.support.AbstractIoFilterChain.access 
$1100(AbstractIoFilterChain.java:53)
	at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl 
$1.messageReceived(AbstractIoFilterChain.java:648)
	at org.apache.mina.common.support.AbstractIoFilterChain 
$HeadFilter.messageReceived(AbstractIoFilterChain.java:499)
	at  
org 
.apache 
.mina 
.common 
.support 
.AbstractIoFilterChain 
.callNextMessageReceived(AbstractIoFilterChain.java:299)
	at  
org 
.apache 
.mina 
.common 
.support 
.AbstractIoFilterChain.fireMessageReceived(AbstractIoFilterChain.java: 
293)
	at  
org 
.apache 
.mina 
.transport.socket.nio.SocketIoProcessor.read(SocketIoProcessor.java:228)
	at  
org 
.apache 
.mina 
.transport.socket.nio.SocketIoProcessor.process(SocketIoProcessor.java: 
198)
	at org.apache.mina.transport.socket.nio.SocketIoProcessor.access 
$400(SocketIoProcessor.java:45)
	at org.apache.mina.transport.socket.nio.SocketIoProcessor 
$Worker.run(SocketIoProcessor.java:485)
	at  
org 
.apache 
.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
	at java.util.concurrent.ThreadPoolExecutor 
$Worker.runTask(ThreadPoolExecutor.java:885)
	at java.util.concurrent.ThreadPoolExecutor 
$Worker.run(ThreadPoolExecutor.java:907)
	at java.lang.Thread.run(Thread.java:619)
Caused by: javax.net.ssl.SSLException: Unrecognized SSL message,  
plaintext connection?
	at  
com 
.sun 
.net 
.ssl 
.internal 
.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:152)
	at  
com 
.sun 
.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java: 
754)
	at  
com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java: 
669)
	at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:607)
	at org.apache.mina.filter.support.SSLHandler.unwrap0(SSLHandler.java: 
658)
	at  
org 
.apache.mina.filter.support.SSLHandler.unwrapHandshake(SSLHandler.java: 
614)
	at  
org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:493)
	at  
org 
.apache.mina.filter.support.SSLHandler.messageReceived(SSLHandler.java: 
306)
	at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:392)
	... 14 more

Brendan Martens

> My asterisk 1.6.0 isn't able to authenticate to my apple iChat server.
> The ichat server requires an SSL connection for clients, I set the
> "usetls=yes" in jabber.conf but it still doesn't like it. Here is the
> error in the apple server's jabber log:
>
> error: SSL handshake error (error:140760FC:SSL
> routines:SSL23_GET_CLIENT_HELLO:unknown protocol)
>
> And here is my jabber.conf (cleared out the sample comments for
> readability):
>
> [general]
> debug=no
> autoprune=no
> autoregister=yes
>
> [servant-jabber]
> type=client
> serverhost=servant.crosscomm.net
> username=asterisk at crosscomm.net/asterisk
> secret=password
> ;priority=1
> port=5223
> usetls=yes
> usesasl=yes
> ;buddy=mogorman at astjab.org
> ;status=available
> ;statusmessage="I am available"
> timeout=15
>
>
> The port setting is correct, it is what I use for normal clients. The
> asterisk user does exist, I am able to authenticate via asterisk user
> with the iChat client.
> Turning sasl on or off doesn't seem to make any difference.
>
> After googling around this seems to be a fairly common issue when
> doing some sort of SSL authentication.
>
> Is this a bug or am I missing something important in my config?
>
>
> Brendan Martens





More information about the asterisk-dev mailing list