openfire Unsupported record version Unknown-47.115
错误日志:
写道
javax.net.ssl.SSLException: Unsupported record version Unknown-47.115
at sun.security.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:116)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:845)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:758)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at org.jivesoftware.openfire.net.TLSStreamHandler.doHandshake(TLSStreamHandler.java:222)
at org.jivesoftware.openfire.net.TLSStreamHandler.start(TLSStreamHandler.java:168)
at org.jivesoftware.openfire.net.SocketConnection.startTLS(SocketConnection.java:182)
at org.jivesoftware.openfire.net.SocketReadingMode.negotiateTLS(SocketReadingMode.java:85)
at org.jivesoftware.openfire.net.BlockingReadingMode.readStream(BlockingReadingMode.java:138)
at org.jivesoftware.openfire.net.BlockingReadingMode.run(BlockingReadingMode.java:76)
at org.jivesoftware.openfire.net.SocketReader.run(SocketReader.java:137)
at java.lang.Thread.run(Thread.java:724)
at sun.security.ssl.EngineInputRecord.bytesInCompletePacket(EngineInputRecord.java:116)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:845)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:758)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at org.jivesoftware.openfire.net.TLSStreamHandler.doHandshake(TLSStreamHandler.java:222)
at org.jivesoftware.openfire.net.TLSStreamHandler.start(TLSStreamHandler.java:168)
at org.jivesoftware.openfire.net.SocketConnection.startTLS(SocketConnection.java:182)
at org.jivesoftware.openfire.net.SocketReadingMode.negotiateTLS(SocketReadingMode.java:85)
at org.jivesoftware.openfire.net.BlockingReadingMode.readStream(BlockingReadingMode.java:138)
at org.jivesoftware.openfire.net.BlockingReadingMode.run(BlockingReadingMode.java:76)
at org.jivesoftware.openfire.net.SocketReader.run(SocketReader.java:137)
at java.lang.Thread.run(Thread.java:724)
借鉴社区答案
http://community.igniterealtime.org/thread/33362
写道
Hey there,
I noticed one line in particular: "root certificate not trusted of", which would mean your certificate validation chain seems to be broken or you don't have the proper root certificates installed for the certificates you are using (in openfire's truststore). Next to that I also noticed some timeouts so it may be a combined problem with poor connectivity and not having the full validation chain available.
You can try setting:
xmpp.server.certificate.verify = false
on both servers, and see if you still get the s2s errors. If not, you should have a look at making sure your certificates are complete, correct, and that the truststore on your servers have the appropriate root certificates and intermediate certificates (if any) installed.
Also, if one or both of the servers are using self-signed certificates, you can try to use:
xmpp.server.certificate.accept-selfsigned = true
to make sure self-signed certificates are considered valid.
Hope this helps,
Mark.
I noticed one line in particular: "root certificate not trusted of", which would mean your certificate validation chain seems to be broken or you don't have the proper root certificates installed for the certificates you are using (in openfire's truststore). Next to that I also noticed some timeouts so it may be a combined problem with poor connectivity and not having the full validation chain available.
You can try setting:
xmpp.server.certificate.verify = false
on both servers, and see if you still get the s2s errors. If not, you should have a look at making sure your certificates are complete, correct, and that the truststore on your servers have the appropriate root certificates and intermediate certificates (if any) installed.
Also, if one or both of the servers are using self-signed certificates, you can try to use:
xmpp.server.certificate.accept-selfsigned = true
to make sure self-signed certificates are considered valid.
Hope this helps,
Mark.
1536
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
