Hi - Im hoping someone can help me or direct me to the correct docuements regard the issue that I am trying to figure out for over 2 weeks (its driving me crazy). I've installed Openfire v3.6.4 with the latest SparkWeb files on Debian Lenny however when I try to change 'client connection security' to 'required' I receive a "TLS was required by the server and connection was never secured. Closing connection" when accessing SparkWeb. I've used both the default openfire generated SSL certs and I've generated my own via our inhouse CA and imported the CA cert and private key into the /usr/share/openfire/resources/security/truststore. I've also modified sparkweb's index.html file to:
return {
server: "[our server ip]",
bindPath: "/http-bind/",
port: "7443",
connectionType: "https",
autoLogin: "false"
policyFileURL: "xmlsocket://[our server ip]:5229"
};
The regular 5222 socket unencrypted connection work fine however we cannot deploy sparkweb without encryption. At the moment apache is configured to use the same SSL cert in Openfire to secure the https connection however this does not secure TCP 5222 and password can be read easily using wireshark. I would be extremely grateful for any help. Thanks.