The TLS negotiation appears to hang after the server sends to the client. I am using Tigase 5.2.0 Beta3 with a default config, and tested with both sleekxmpp and Psi. I tried configuring tigase with a cert and also letting tigase just generate a cert on its own. Either way, nothing happens after . This problem does not occur if I connect to tigase.org's XMPP server instead of my own, so I wonder if tigase.org runs a different version or if there is something different about the environment (JVM/library versions?).
Added by Andrzej Wójcik over 5 years ago
There was issue with TLS and was related to JDK7/openssl and as I remember it was fixed before beta3 was released but fix was not active by default, see http://www.tigase.org/content/tls-jdk-nss-bug-workaround-active.
On tigase.org we are using one of our nightly builds which contains this fix activated by default as we decided to fully support JDK7 in 5.2.0 branch
Added by Justin Karneges over 5 years ago
One thing I also noticed is that the first TLS handshake of a server launch always fails. Easy to reproduce:
1) start tigase (and wait a little while to ensure tigase is ready for connections)
3) tls fails (psi simply disconnects after , and sleek reports an invalid cert (possibly bogus reason))
4) connect again
5) success! repeat step 4
This is only a minor bug since it seems to only affect the first connection the server receives, and there is also plenty of time during server startup where connections will fail for other reasons (like tigase not yet being ready). Still, it is quite an odd bug since it occurs no matter how long you wait after startup.