[asterisk-dev] 1.6.0 jabber (client mode) SSL connection
Brendan Martens
brendan.martens at crosscomm.net
Wed Oct 8 12:42:25 CDT 2008
Here is the debug output of the same issue ( I think? ) on an openfire
server:
2008.10.08 12:40:18 ConnectionHandler:
javax.net.ssl.SSLHandshakeException: SSL handshake failed.
at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:416)
at
org
.apache
.mina
.common
.support
.AbstractIoFilterChain
.callNextMessageReceived(AbstractIoFilterChain.java:299)
at org.apache.mina.common.support.AbstractIoFilterChain.access
$1100(AbstractIoFilterChain.java:53)
at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl
$1.messageReceived(AbstractIoFilterChain.java:648)
at org.apache.mina.common.support.AbstractIoFilterChain
$HeadFilter.messageReceived(AbstractIoFilterChain.java:499)
at
org
.apache
.mina
.common
.support
.AbstractIoFilterChain
.callNextMessageReceived(AbstractIoFilterChain.java:299)
at
org
.apache
.mina
.common
.support
.AbstractIoFilterChain.fireMessageReceived(AbstractIoFilterChain.java:
293)
at
org
.apache
.mina
.transport.socket.nio.SocketIoProcessor.read(SocketIoProcessor.java:228)
at
org
.apache
.mina
.transport.socket.nio.SocketIoProcessor.process(SocketIoProcessor.java:
198)
at org.apache.mina.transport.socket.nio.SocketIoProcessor.access
$400(SocketIoProcessor.java:45)
at org.apache.mina.transport.socket.nio.SocketIoProcessor
$Worker.run(SocketIoProcessor.java:485)
at
org
.apache
.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
at java.util.concurrent.ThreadPoolExecutor
$Worker.runTask(ThreadPoolExecutor.java:885)
at java.util.concurrent.ThreadPoolExecutor
$Worker.run(ThreadPoolExecutor.java:907)
at java.lang.Thread.run(Thread.java:619)
Caused by: javax.net.ssl.SSLException: Unrecognized SSL message,
plaintext connection?
at
com
.sun
.net
.ssl
.internal
.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:152)
at
com
.sun
.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:
754)
at
com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:
669)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:607)
at org.apache.mina.filter.support.SSLHandler.unwrap0(SSLHandler.java:
658)
at
org
.apache.mina.filter.support.SSLHandler.unwrapHandshake(SSLHandler.java:
614)
at
org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:493)
at
org
.apache.mina.filter.support.SSLHandler.messageReceived(SSLHandler.java:
306)
at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:392)
... 14 more
Brendan Martens
> My asterisk 1.6.0 isn't able to authenticate to my apple iChat server.
> The ichat server requires an SSL connection for clients, I set the
> "usetls=yes" in jabber.conf but it still doesn't like it. Here is the
> error in the apple server's jabber log:
>
> error: SSL handshake error (error:140760FC:SSL
> routines:SSL23_GET_CLIENT_HELLO:unknown protocol)
>
> And here is my jabber.conf (cleared out the sample comments for
> readability):
>
> [general]
> debug=no
> autoprune=no
> autoregister=yes
>
> [servant-jabber]
> type=client
> serverhost=servant.crosscomm.net
> username=asterisk at crosscomm.net/asterisk
> secret=password
> ;priority=1
> port=5223
> usetls=yes
> usesasl=yes
> ;buddy=mogorman at astjab.org
> ;status=available
> ;statusmessage="I am available"
> timeout=15
>
>
> The port setting is correct, it is what I use for normal clients. The
> asterisk user does exist, I am able to authenticate via asterisk user
> with the iChat client.
> Turning sasl on or off doesn't seem to make any difference.
>
> After googling around this seems to be a fairly common issue when
> doing some sort of SSL authentication.
>
> Is this a bug or am I missing something important in my config?
>
>
> Brendan Martens
More information about the asterisk-dev
mailing list