-- Artur, we have a problem -- that was first words I heard over the phone -- we have grown from 1k to 100k online users in a few days and we expect to hit 1M online users within 2 weeks and probably much more when we go life.
Yes i think you are right about self-signed certificate and websocket.
I will try a valid certificate.
I have generated a self-signed certificate with openssl but i still have error when connecting with websocket.
Can i use a self-signed certificate with tigase? Do you know if browsers accept self-signed certificate for websocket connections?
Thank you in advance
I'm currently in the process of migrating the user base of a salted SHA1 backed Prosody to Tigase, and I'm stuck on the migration of the password hashes. Have you guys been through it?
I've been looking at the stored procedures that adds/updates users in https://repository.tigase.org/reps/tigase-server/trunk/database/postgresql-schema-4-sp.sql and your efforts regarding SCRAM https://projects.tigase.org/projects/tigase-server/repository/revisions/4bf9429209fe9f77c12c9cc510243625dc971750 and I was wondering how (if) they fit together.
What are you plans regarding supporting an user base relying on salted SHA1 hashes?
Thank you for your quick answers.
I'm acutally trying to validate my certificate PEM file with openssl.
I suppose this issue is related to the fact that browsers may reject connections to wss:// endpoint if SSL certificate is not valid or SSL certificate is not for proper domain or when SSL certificate is self-signed as browser will be unable to validate if certificate is valid and secure.
I would suggest to try to use openssl to verify if proper SSL certificate is served over wss:// endpoint and if certificate is valid.
Most likely, Chrome has no idea that it should use SSL socket and attempts to connect over plain socket.
Andrzej: do you have any suggestions? Have you tested websockets over SSL?
i try to enable WebSocket over SSL in tigase
Everything works fine with plain websocket connection (ws://) but when i try to enable SSL on port 5291, brothers can not connect to wss:// on port 5291
My configuration works with a virtual host named "iash".
Here is my init.properties file :
--cluster-mode = false
config-type = --gen-config-def
--debug = server,ws2s
--user-db = derby
--admins = admin@isah
--user-db-uri = jdbc:mysql://172.20.1.62/dmz_dis_tigase?user=***&password=***
#user-db-uri = jdbc:derby:c:\\Tigase\\tigasedb
--virt-hosts = isah
--comp-name-3 = message-archive
--comp-class-3 = tigase.archive.MessageArchiveComponent
--comp-class-2 = tigase.socks5.Socks5ProxyComponent
--comp-name-2 = proxy
--comp-class-1 = tigase.muc.MUCComponent
--comp-name-1 = muc
--sm-plugins = +message-archive-xep-0136,+jabber:iq:auth,+urn:ietf:params:xml:ns:xmpp-sasl,+urn:ietf:params:xml:ns:xmpp-bind,+urn:ietf:params:xml:ns:xmpp-session,+jabber:iq:register,+jabber:iq:roster,+presence,+jabber:iq:privacy,+jabber:iq:version,+http://jabber.org/protocol/stats,+starttls,+msgoffline,+vcard-temp,+http://jabber.org/protocol/commands,+jabber:iq:private,+urn:xmpp:ping,+basic-filter,+domain-filter,+pep,-zlib
--tigase.cache = false
--comp-name-4 = ws2s
--comp-class-4 = tigase.server.websocket.WebSocketClientConnectionManager
Firefox logs :
"websocket supported" ChatManager.js:36
"Server URL: wss://isah:5291/http-bind/" ChatManager.js:37
L'utilisation de « getPreventDefault() » est obsolète. Utiliser « defaultPrevented » à la place. jquery-1.8.2.min.js:2
Firefox ne peut établir de connexion avec le serveur à l'adresse wss://isah:5291/http-bind/. jsjac.uncompressed.js:5198
"websocket error" jsjac.uncompressed.js:1749
<error code="503" type="cancel">
Chrome logs :
websocket supported ChatManager.js:36
Server URL: wss://isah:5291/http-bind/ ChatManager.js:37
WebSocket connection to 'wss://isah:5291/http-bind/' failed: WebSocket opening handshake was canceled jsjac.uncompressed.js:5198
websocket error jsjac.uncompressed.js:1749
<error code="503" type="cancel">…</error>
I sent tigase log file in attachment
Do you have any ideas for this issue ?
Thanks a lot !
Thanks a lot for your help.
I completely ignored adding the configuration file.
It works perfect now.
That was it! Thanks!
I've created ticket - please follow it for resolution: #2415
How do you start Tigase? It looks like you are not passing config file as an argument hence Tigase uses default and completely ignores your configuration. You should use (under linux), from tigase home directory:
scripts/tigase.sh start etc/tigase.conf
I have done that.
I have attached the following three files you have requested for.
I am currently using Sun JDK 7 to run tigase on.
Seems like at bad network, client try to reconnect again and agian. so two or more resource-bind request arrived the server in the same time. before resource-bind, the anonymous session locked itself and try to close others. when two sessions locked themslves and try to close each other, deadlock happen!
Please share complete logs/tigase-console.log and logs/tigase.log.0 logs from clean startup after which the issue manifest itself. Please also modify etc/init.properties and have following debug settings enabled:
I am unable to find any Authentication Repository errors. I also tried using the default Derby Database to avoid any database errors.
Hm, in your client configuration do you use fixed bind resource name or allow server to configure it?
Cairil Douner wrote:
Thank you, but please include them in the above linked thread so it will be easier to follow it.
We are re-organizing things and documentation will be available from docs.tigase.org. Mentioned property can be found here: s2s-secret
We provide software products, consulting and custom development servicesTigase, Inc.
Follow us on: