Hello,
I would greatly appreciate any insight or help on this aspect.
I have installed and have been running Openfire servers (2 of them running 3.6.4) successfully for sometime now. For s2s communications it was unencrypted and now I want it encrypted, so I have been trying to add encryption.
i created certificates for both from StartSSL.com and added them into the servers succesffully. Looks like these certificates are being provided to each other.
I set the following properties:
xmpp.server.tls.enabled = true.
xmpp.server.certificate.verify=false. (Tried with true also and had teh same result).
xmpp.server.dialback = false.
The TLS negotiation goes well and succeeds but then the sending openfire server tries to use SASL and looks like the receiving openfire server does not offer EXTERNAL SASL.
I added the <sasl><mechs>PLAIN,ANONYMOUS,EXTERNAL</mechs></sasl> to the config file and that presents the EXTERNAL thing as an option to clients, however my s2s logs still complains that EXTERNAL is not being offerered.
What am I missing, is there some other configuration that I need to do or perform some other things to get this to accept the certificates...or is it not supported ?
Thanks
Nagesh