Can not initialize SSLContext for domain
Added about 4 years ago
I have installed tigase-server-5.2.2-b3464.jar and whenever I try to connect with the created admin account, the exception below shows and the client is stuck at Connecting
@2014-11-02 22:01:45.873 [ConnectionOpenThread] SSLContextContainer.getSSLContext() SEVERE: Can not initialize SSLContext for domain: default, protocol: SSL
java.security.cert.CertificateException: Issuer class type invalid.
at sun.security.x509.X509CertInfo.setIssuer(Unknown Source) at sun.security.x509.X509CertInfo.set(Unknown Source) at tigase.cert.CertificateUtil.createSelfSignedCertificate(CertificateUtil.java:189) at tigase.io.SSLContextContainer.getSSLContext(SSLContextContainer.java:336) at tigase.io.SSLContextContainer.getSSLContext(SSLContextContainer.java:272) at tigase.io.TLSUtil.getSSLContext(TLSUtil.java:121) at tigase.net.IOService.startSSL(IOService.java:396) at tigase.server.ConnectionManager$ConnectionListenerImpl.accept(ConnectionManager.java:1345) at tigase.net.ConnectionOpenThread.run(ConnectionOpenThread.java:224) at java.lang.Thread.run(Unknown Source)
java version "1.8.0_20"
Java(TM) SE Runtime Environment (build 1.8.0_20-b26)
Java HotSpot(TM) 64-Bit Server VM (build 25.20-b23, mixed mode)
What should I do to fix this?
Added by Andrzej Wójcik about 4 years ago
This issue is due to changes in X509 API in JDK8 and it was solved in #1956 but fix is applied only for Tigase XMPP Server 5.3.0-SNAPSHOT and newer.
This issue appears only if there is no valid SSL certificate for domain as in such case Tigase XMPP Server tries to generate self-signed certificate. To overcome this issue in Tigase XMPP Server 5.2.2 you will need to generate certificate for required domain manually (ie. generate self-signed certificate using OpenSSL) and then install it in Tigase XMPP Server as described in Creating and Loading the Server Certificate in pem Files
Added by Teddy Mogire about 4 years ago
Thanks a lot