Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » XMPP Service not Starting (XMPP Service not Starting)
  •  
k.nebel

Messages: 8
Karma: 0
Send a private message to this user
Hi,

I have updated our mail server to new 8.1.0 Beta Version. I wanted now to activate XMPP service but it is not starting due to SSL certificate issue I think.

This is the error message:

mpl.update(DomainServiceImpl.java:111) at com.kerio.im.core.cert.Certificates.<init>(Certificates.java:29) at com.kerio.im.core.CoreRuntime.setExtService(CoreRuntime.java :70) at com.kerio.im.service.task.StartServer$LazyExtServiceLoader.e vent(StartServer.java:75) at com.kerio.im.service.task.StartServer$LazyExtServiceLoader.e vent(StartServer.java:58) at com.kerio.im.core.Bus.publish(Bus.java:34) at com.kerio.im.core.remote.RemoteControl.messageReceived(Remot eControl.java:51) at com.kerio.im.tigase.ConnectComponent.processPacket(ConnectCo mponent.java:129) at tigase.server.AbstractMessageReceiver$QueueListener.run(Abst ractMessageReceiver.java:1341) Caused by: java.security.cert.CertificateParsingException: Problem adding a new certificate. at tigase.io.SSLContextContainer.addCertificates(SSLContextCon
[08/Apr/2013 11:26:23] Instant Messaging [external]: Performing IM service shutdown (Shutdown$ShutdownTask.run)

I can not see a problem with SSL certificate which is installed. Have anyone an idea what kind of problem it is?

Thank you.
  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
Could you please send the SSL certificate to kms-beta<_at_>kerio.com? We would like to investigate it. Thank you.
  •  
k.nebel

Messages: 8
Karma: 0
Send a private message to this user
I have sent it.

Thanks for investigation.
  •  
Tomas Skoda (Kerio)

Messages: 107
Karma: 20
Send a private message to this user
Thanks for sending your certificate. It helped us to locate an issue which prevents IM service to start. The fix will be included in a final release of Kerio Connect 8.1. We also have a simple workaround for those who don't want to wait until final release is out:

1. Add a new empty line at the end of active certificate public key.
2. Restart Kerio Connect server.

There are two ways how to accomplish the first step:
1. Edit file usually named as <mailserver-dir>/sslcert/server.crt. If you have more than one certificate, you can add a 'Name' column in the table with all SSL certificates (right click on its heading) to help you to choose the right crt file.
2. Alternatively you can export both 'Private Key' and 'Certificate' from Kerio Connect Administration, edit the 'Certificate' file and import both of them back as a new certificate. Do not forget to 'Set as active' the newly created certificate.

Thanks again for your assistance and let us know if it worked for you ...
  •  
k.nebel

Messages: 8
Karma: 0
Send a private message to this user
Ok,

the service is now started and I think it is also working. I'm logged in. This issue is now fixed, so I'm very thankful for your help.

I will open new thread if I have further questions regarding the XMPP service. I'm not so known in this protocol and I did not find much documentation. May be this is a task for you for final release of kerio-connect 8.1.0 Smile

Cheers
Konstantin
  •  
jonc650

Messages: 7
Karma: 0
Send a private message to this user
Hi, can you tell me how you did this? When I try to add an empty line, the cert will not import back in.
  •  
k.nebel

Messages: 8
Karma: 0
Send a private message to this user
Hi,

I have exported the key and the crt from kerio and just reimported it. The first try with adding the empty line the ca was not imported correctly.

After that it was correctly activated and the XMPP service seems to work also.

Try out and let me know. If this does not work I will reopen the ticket of the beta team and send the working crt.

I could not test it with external other XMPP domains but in general the service seems to work.

[Updated on: Thu, 11 April 2013 06:35]

  •  
jonc650

Messages: 7
Karma: 0
Send a private message to this user
Thanks but I cannot get it to start. It might be because I am running it on my Mac Mini and the port is in use. However, I tried to change the port and it still will not start.
  •  
k.nebel

Messages: 8
Karma: 0
Send a private message to this user
Do you have the same error message like me?

Please post from log file.
  •  
jonc650

Messages: 7
Karma: 0
Send a private message to this user
I just try it again with debugging on. Here is the error. It is different...

[10/Apr/2013 21:59:15][4484763648] {im} Federation change message has been arranged, value = 0 (id: 7BDB76C0-C385-4798-88BF-B35750D7A7C4).
[10/Apr/2013 21:59:15][4484763648] {im} There has been generated '7BDB76C0-C385-4798-88BF-B35750D7A7C4' token for wait for response message. External process is expected to respond with this token. Go to sleep.
[10/Apr/2013 21:59:45][4484763648] {im} Awaken. Timeout. No response for '7BDB76C0-C385-4798-88BF-B35750D7A7C4' response waiting queue message.
[10/Apr/2013 21:59:45][4484763648] {im} Unexpected. Event with '7BDB76C0-C385-4798-88BF-B35750D7A7C4' response has not been found in blocking message queue.

I have no idea what this means.
  •  
jonc650

Messages: 7
Karma: 0
Send a private message to this user
Here is more from the log

[10/Apr/2013 22:38:10][4450951168] {im} Going to start process and channels.
[10/Apr/2013 22:38:10][4484435968] {im} Starting logging thread.
[10/Apr/2013 22:38:10][4450951168] {im} XMPP debug log setting message has been arranged (id: 5BCA7A9F-E65A-47C8-B1FA-74BEE29A58AE).
[10/Apr/2013 22:38:10][4450951168] {im} XMPP client open stream message has been arranged (id: D2EB5F23-2D34-409A-8D8D-38C76FC0509F).
[10/Apr/2013 22:38:10][4450951168] {im} Initial config message has been arranged (id: 1A7B98BC-D737-4040-AF07-6E0EAC396304). Admin API: 127.0.0.1:4040, Client API: 127.0.0.1:4040
[10/Apr/2013 22:38:10][4450951168] {im} External Instant Messaging process is expected to listen on '4042' port. Connecting to external process...
[10/Apr/2013 22:39:10][4450951168] {im} Instant Messaging: Failed to connect to external process.
[10/Apr/2013 22:39:10][4450951168] {im} Problem has occured.
[10/Apr/2013 22:39:25][4450951168] {im} Process or channel is in unexpected state.
[10/Apr/2013 22:39:25][4450951168] {im} Going to stop process and channels.
[10/Apr/2013 22:39:25][4450951168] {im} Deinit XMPP protocol parser.
[10/Apr/2013 22:39:25][4484435968] {im} Exiting logging thread.
[10/Apr/2013 22:39:25][4450951168] {im} Stop process and channels finished.
  •  
k.nebel

Messages: 8
Karma: 0
Send a private message to this user
it seems that the xmpp service process can not start. But the cause of it is not shown in the error message. I think I'm not able to help you further. I hope the kerio beta team can help you solving the issue. Sorry :-/
  •  
Tomas Skoda (Kerio)

Messages: 107
Karma: 20
Send a private message to this user
jonc650 could you please send me zipped 'debug.log', 'warning.log' and files from 'store/xmpp/logs' folder so I can help you with your issue? Thank you.

You can send it to kms-beta<_at_>kerio.com.
  •  
jonc650

Messages: 7
Karma: 0
Send a private message to this user
Sent. Thank you for helping me.
Previous Topic: Can't authenticate against LDAP after server migration / version upgrade
Next Topic: Had to enable LOGIN auth (with TLS), will I have security issues?
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Wed Aug 23 21:35:50 CEST 2017

Total time taken to generate the page: 0.00527 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.