Last week I started an in-depth evaluation of Openfire 3.8.0 and whether we could use it as our XMPP server hosted on a Win 2008 R2 member server. After battling through a number of problems large and small, and with lots of help from the posts on this forum, I've encountered a problem that has me completely stumped.
The server is completely installed, configured, and running with the exception of SSL/TLS. I completed the steps included in the SSL guide and successfully imported a cert into the keystore. I also changed the keystore password as recommended. In fact, I've successfully changed the password twice just to be certain (and of course, I made the corresponding changes to the server configuration using the Admin tool).
The error log contains the following (my apologies for not including the original text from their respective files; the facility I work at is secure and files cannot be released with a lot of paperwork):
org.jivesoftware.openfire.net.SSLConfig - SSLConfig startup problem
storeType: [jks]
keyStoreLocation: [C:\Program Files (x86)\Openfire\resources\security\]
keypass: [Mariner10]
java.io.fileNotFoundException: C:\Program Files (x86)\Openfire\resources\security (Access is denied)
Additionally, the warning file contains:
org.eclipse.jetty.util.component.AbstractLifeCycle - FAILED org.eclipse.jetty.http.ssl.SslContextFactory@184df1d#FAILED:
java.io.FileNotFoundException: C:\Program Files (x86)\Openfire\resources\security (Access is denied)
org.eclipse.jetty.util.component.AbstractLifeCycle - FAILED SslSelectChannelConnector@0.0.0.0:9091 FAILED:
java.io.FileNotFoundException: C:\Program Files (x86)\Openfire\resources\security (Access is denied)
Psi+ is the XMPP client and it errors out with a failed to connect TLS message.
I checked and changed the permissions on the security folder and keystore file and ensured that the server service accounts had full permission (read/write/modify/change ownership, delete, etc...) but no change to the problem.
Is there any place else I should be looking? Is this a Java issue? There are no entries in the Windows event log. Openfire can successfully access the domain directory via LDAP over port 636. I installed the cert that I loaded into the keystore on IIS and can connect and view it using a browser and https.
Any assistance would be greatly appreciated.