Project

General

Profile

Can't connect via https (BOSH) on port 5281

S E
Added 9 months ago

Using Tigase 7.0.1

I recently installed an SSL certificate to our site domain, to use https on port 443. The same domain is used to connect to the XMPP server on ports 5280 and 5281. However, i can't connect on port 5281.

Here is my init.properties, for the bosh setup:

--bosh-ports=5280,5281
bosh/connections/5281/socket=ssl
bosh/connections/5281/type=accept

I can connect to port 5280 just fine, using openssl s_client -connect my-site.net:5280. However, trying to connect to 5281, it hangs for about 10 seconds, then results in:


15708:error:0200274C:system library:connect:reason(1868):crypto\bio\b_sock2.c:108:
15708:error:2008A067:BIO routines:BIO_connect:connect error:crypto\bio\b_sock2.c:109:
connect:errno=0

We have GoDaddy for our CA. I've tried using the default certificate generated by Tigase (certs/my-site.net.pem), and it doesn't work. I've creating my own pem file, consisting of the .crt (assigned from godaddy), .key, intermediates cert (from godaddy), and root cert (from godaddy), naming it my-site.net.pem, and it makes no difference.

Is there anything I'm overlooking? Thanks


Replies (1)

Added by Wojciech Kapcia TigaseTeam 9 months ago

You should place your certificate in certs/default.pem as our BOSH implementation doesn't support SNI.

    (1-1/1)