[jadmin] Jabber FreeBSD, SSL, etc.

Chris Pile cpile at snoogans.co.uk
Tue Feb 12 11:12:17 CST 2002


I just tried this on another test server, I had exactly the same error
you had.  After looking at my config, I noticed I had this:

      <key ip='192.168.1.1'>./certs/key.pem</key>

Realised what was wrong, then changed it to:

    <ssl>
      <key ip="192.168.1.1">./certs/key.pem</key>
    </ssl>

Quotes don't make a difference, but the <ssl/> tags do.  Would be crazy
if we both made the same mistake, but the error I had was exactly the
same as yours.

This was using the jabber-1.4.2 tarball on FreeBSD.


Thanks,
Chris.

Chris Pile wrote:
> 
> I've not actually tried the jabber code from the FreeBSD ports
> collection, I prefer to download the code from the site or CVS.  I've
> installed all my jabber related stuff in "/usr/local/jabber" and chown'd
> it by my jabber user.  I run jabber using: "su jabber -c
> '/usr/local/jabber/jabberd/jabberd -B'" via a stop/start script under
> "/usr/local/etc/rc.d/".
> 
> I'm running msn-transport-1.2 and jabber-1.4.2 (both from the CVS).
> jabber-1.4.2 works fine with SSL+FreeBSD as far as I can tell (I've been
> running it for a month or two).  You do need to compile with gmake
> though.
> 
> It may be worth starting up a server with no transports, then adding one
> at a time.
> 
> Have you definitely got the client SSL libraries (winjab/jim)?  Also the
> following command maybe useful when debugging SSL connections:
> 
> openssl s_client -connect localhost:5223 -debug -state
> 
> See if there is anything obvious in the output.  It should at least
> indicate if your SSL cert is accepted.
> 
> Thanks,
> Chris.
> 
> Ian Cartwright wrote:
> >
> > Greetings all,
> >
> > I have recently had the pleasure of compiling and installing Jabber on my
> > FreeBSD box. During this time, I have researched and accomplished the
> > following tasks:
> >
> > Download, compile and install jabberd-1.4.2, aim-transport-0.9.25,
> > yahoo-transport-0.8-1.4-linux, msn-transport-1.1, and icq-transport-0.9 (via
> > the Ports system of FreeBSD modifying the master Makefile to compile
> > jabberd-1.4.2 instead of 1.4.1 and manually running "autgen.sh
> > i386-unknown-freebsd4.5" for aim-transport and then adding "-I
> > /usr/local/include/pth" to the Makefiles for aim-transport and
> > aim-transport/src).
> >
> > I then went through jabber.xml file and set up services according to the
> > Jabber Server Howto, with the exception of using aim-transport instead of
> > icq-transport for ICQ services (as detailed elsewhere in this forum).
> >
> > I generated my SSL key using two different sets of instructions (one fond in
> > this forum, another on snoogans.co.uk). Snoogan's instructions seemed more
> > complete, leaving me witha combined key/certificate file, with no
> > passphrase.
> >
> > I have checked all the permissions to libraries, binaries, and data dirs,
> > and all seem correct, but I am having two issues:
> >
> > If I try to run jabberd as user=jabber, I get a "Bus Error" message, when
> > using my config file. If I use the generic config file (everything set to
> > localhost, and no services defined) it runs ok. It also runs ok with my
> > config file if I run as root.
> >
> > The other issue is with SSL. I get this in my debug output:
> >
> > Mon Feb 11 14:41:27 2002  mio.c:620 mio while loop, working
> > Mon Feb 11 14:41:27 2002  mio.c:380 _mio_accept calling accept on fd #8
> > Mon Feb 11 14:41:27 2002  mio_ssl.c:234 NULL ctx found in SSL hash
> > Mon Feb 11 14:41:27 2002  mio.c:607 mio while loop top
> > Mon Feb 11 14:41:32 2002  mio.c:620 mio while loop, working
> > Mon Feb 11 14:41:32 2002  mio.c:380 _mio_accept calling accept on fd #8
> > Mon Feb 11 14:41:32 2002  mio_ssl.c:234 NULL ctx found in SSL hash
> > Mon Feb 11 14:41:32 2002  mio.c:607 mio while loop top
> >
> > My previous research lead me to believe that this is either a problem with
> > jabbrd-1.4.1 and FreeBSD or with the SSL Key. I have (to the best of my
> > knowlege) avoided these issues by compiling jabberd-1.4.2 and using the
> > instructions for building a key.
> >
> > Does anyone have any suggestions?
> >
> > Cheers,
> >
> > Ian
> >
> > _______________________________________________
> > jadmin mailing list
> > jadmin at jabber.org
> > http://mailman.jabber.org/listinfo/jadmin
> _______________________________________________
> jadmin mailing list
> jadmin at jabber.org
> http://mailman.jabber.org/listinfo/jadmin



More information about the JAdmin mailing list