Friday, September 14, 2012

Jabberd2 and OpenFire notes

Resources:
http://www.24100.net/2009/11/federate-google-wave-sandbox-with-your-own-fedone-server/

If you have a PKCS#12 file that contains your private key and certificate chain, use the following command to convert it to PEM:

openssl pkcs12 -in startssl.p12 -out startssl.pem -nodes

You may need to manually adjust the order of the certificates in the generated PEM file. Your client cert should appear first, then the certs from intermediate CAs, and then the root CA cert.
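The reordering can be scripted. The following is an added example, not part of the original notes: it reads the PEM written by openssl pkcs12, links each certificate's issuer to the subject of the next one, and returns leaf, intermediates, root. It matches names only and does not verify signatures; the function names and the choice to put the private key block after the certificates are assumptions of this example.

```python
import base64
import re
import sys

# Matches any PEM block; text such as "Bag Attributes" between blocks is ignored.
PEM_RE = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\s*(.*?)-----END \1-----", re.S)

def _tlv(buf, pos):
    """Read one DER element at pos; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def issuer_subject(der):
    """Return the raw DER issuer and subject names of an X.509 certificate."""
    _, pos, _ = _tlv(der, 0)      # enter Certificate
    _, pos, _ = _tlv(der, pos)    # enter TBSCertificate
    tag, _, end = _tlv(der, pos)
    if tag == 0xA0:               # skip the optional [0] version field
        pos = end
    fields = []
    for _i in range(5):           # serial, sigAlg, issuer, validity, subject
        _, _, end = _tlv(der, pos)
        fields.append(der[pos:end])
        pos = end
    return fields[2], fields[4]

def reorder(pem_text):
    """Return the bundle as leaf, intermediates, root, then any key blocks."""
    keys, certs = [], []
    for m in PEM_RE.finditer(pem_text):
        if m.group(1) == "CERTIFICATE":
            der = base64.b64decode(m.group(2))
            certs.append((*issuer_subject(der), m.group(0)))
        else:
            keys.append(m.group(0))  # key placement is this example's choice
    issuers = {iss for iss, sub, _ in certs if iss != sub}
    leaves = [c for c in certs if c[1] not in issuers]
    if len(leaves) != 1:
        raise ValueError(f"expected one end-entity certificate, found {len(leaves)}")
    by_subject = {c[1]: c for c in certs}
    chain, cur = [], leaves[0]
    while cur is not None and cur not in chain:
        chain.append(cur)  # a self-signed certificate (issuer == subject) ends the walk
        cur = None if cur[0] == cur[1] else by_subject.get(cur[0])
    return "\n".join([c[2] for c in chain] + keys) + "\n"

if __name__ == "__main__":
    with open(sys.argv[1]) as fh:
        sys.stdout.write(reorder(fh.read()))
```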

Read comments in file http://codex.xiaoka.com/svn/jabberd2/trunk/etc/c2s.xml.dist.in

<id register-enable='true'
    require-starttls='true'
    pemfile='/home/gerald/ongoing/jabberd2/startssl.pem'>129-79-49-197.dhcp-bl.indiana.edu</id>

Don’t split it across lines like this for readability:

<id register-enable='true'
    require-starttls='true'
    pemfile='/home/gerald/ongoing/jabberd2/startssl.pem'>
129-79-49-197.dhcp-bl.indiana.edu</id>

You will get a “Host Unknown” error :-(

FedOne

router.xml
local -> secret

run-config.sh
XMPP_SERVER_PORT=5347

sm.xml: sm->id

c2s.xml: c2s->local->id

Certificate for your domain

openssl genrsa 2048 | openssl pkcs8 -topk8 -nocrypt -out wave1.example.com.key
openssl req -new -nodes -sha1 -days 365 -key wave1.example.com.key -out wave1.example.com.csr
Note: Common Name (eg, YOUR name) []: wave1.wave.zhenhua.info

DNS

SRV

Setting
_xmpp-server._tcp.wave1.example.com               wave1.example.com 5269
_xmpp-server._tcp.wave.wave1.example.com      wave1.example.com 5269

Priority and weight are not so important in our SRV settings.

Testing
dig +short -t SRV _xmpp-server._tcp.wave1.example.com
dig +short -t SRV _xmpp-server._tcp.wave.wave1.example.com

A

wave1.example.com    your_server_ip_address

FedOne server config

WAVE_SERVER_DOMAIN_NAME=wave1.example.com     # not wave.wave1.example.com

XMPP_SERVER_PING=initech-corp.com

Use ./check-certificates.sh to check your certificate settings.

 

The hostname set in OpenFire and in the FedOne server should match (wave1.example.com in our example).

Edit /etc/openfire/openfire.xml and change <setup>true</setup> to <setup>false</setup>, then restart the server.

Server Manager -> Server Information, section “Server Properties”:
Server Name: wave1.example.com

OpenFire

Add a user named “username”. Your users will have accounts like username@wave1.example.com

Test

Open client console: ./run-client-console.sh username

Type /new, /open 0, /add your_wavesandbox_account, then type a message. You should see the message in your wavesandbox page. There is a delay (for me about 1 minute).

In the Google Wave sandbox, add user@wave1.example.com to your address book.
