Openfire Server-to-Server connectivity issue

Recently, I’ve been working on deploying a clustered Instant Messaging (IM) chat service in my lab and after setting up the clustering by way of the Hazelcast plugin, I found that I was having some rather strange errors being written into the log files which suggested that the server to server connectivity was not being successfully initiated.

Here is a snippet from the log file:

2016.09.14 17:51:13 WARN [Server SR - 16593225]: org.jivesoftware.openfire.net.SocketReader - Closing session due to incorrect hostname in stream header. Host: of1.lab.tobyheywood.com. Connection: org.jivesoftware.openfire.net.SocketConnection@c53ac0 socket: Socket[addr=/192.168.1.11,port=44042,localport=5269] session: null
2016.09.14 17:51:13 WARN [Server SR - 3158473]: org.jivesoftware.openfire.net.SocketReader - Closing session due to incorrect hostname in stream header. Host: of1.lab.tobyheywood.com. Connection: org.jivesoftware.openfire.net.SocketConnection@1f8e35b socket: Socket[addr=/192.168.1.11,port=44043,localport=5269] session: null
2016.09.14 17:51:13 WARN [pool-10-thread-3]: org.jivesoftware.openfire.server.ServerDialback[Acting as Originating Server: Create Outgoing Session from: openfire.lab.tobyheywood.com to RS at: of1.lab.tobyheywood.com (port: 5269)] - Unable to create a new outgoing session
2016.09.14 17:51:13 WARN [pool-10-thread-3]: org.jivesoftware.openfire.session.LocalOutgoingServerSession[Create outgoing session for: openfire.lab.tobyheywood.com to of1.lab.tobyheywood.com] - Unable to create a new session: Dialback (as a fallback) failed.
2016.09.14 17:51:13 WARN [pool-10-thread-3]: org.jivesoftware.openfire.session.LocalOutgoingServerSession[Authenticate local domain: 'openfire.lab.tobyheywood.com' to remote domain: 'of1.lab.tobyheywood.com'] - Unable to authenticate: Fail to create new session.

Now as part of my investigation into the issue I noticed that the servers were not listening on the server to server port (TCP port 5269), which in all honesty confused me even more.

A bit of Googling later (admit it, we all do it sometimes), and I had found the solution.

Resolution

From the Openfire Web UI, navigate to the following location and set the STARTTLS Policy to “Required”.

  • Server > Server Settings > Server to Server > STARTTLS Policy = Required.

Do this for both (or all) nodes and restart the services.  You should find that things are looking happier.
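
To check that the warnings have actually stopped after the restart, the log can be summarised per failure type and domain pair. The Python below is an added example, not part of the original post or of Openfire; the function name s2s_failures, the kind labels and the since parameter are assumptions made here, and the sample input is four of the WARN lines quoted above.

```python
import re
from collections import Counter
from datetime import datetime

# Sample input: four of the WARN lines quoted in this post, embedded so the script runs offline.
SAMPLE_LOG = """\
2016.09.14 17:51:13 WARN [Server SR - 16593225]: org.jivesoftware.openfire.net.SocketReader - Closing session due to incorrect hostname in stream header. Host: of1.lab.tobyheywood.com. Connection: org.jivesoftware.openfire.net.SocketConnection@c53ac0 socket: Socket[addr=/192.168.1.11,port=44042,localport=5269] session: null
2016.09.14 17:51:13 WARN [Server SR - 3158473]: org.jivesoftware.openfire.net.SocketReader - Closing session due to incorrect hostname in stream header. Host: of1.lab.tobyheywood.com. Connection: org.jivesoftware.openfire.net.SocketConnection@1f8e35b socket: Socket[addr=/192.168.1.11,port=44043,localport=5269] session: null
2016.09.14 17:51:13 WARN [pool-10-thread-3]: org.jivesoftware.openfire.session.LocalOutgoingServerSession[Create outgoing session for: openfire.lab.tobyheywood.com to of1.lab.tobyheywood.com] - Unable to create a new session: Dialback (as a fallback) failed.
2016.09.14 17:51:13 WARN [pool-10-thread-3]: org.jivesoftware.openfire.session.LocalOutgoingServerSession[Authenticate local domain: 'openfire.lab.tobyheywood.com' to remote domain: 'of1.lab.tobyheywood.com'] - Unable to authenticate: Fail to create new session.
"""

TS_RE = re.compile(r"(\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2}) WARN ")
# One pattern per S2S failure message in the excerpt; the kind names are labels chosen here.
PATTERNS = {
    "hostname_mismatch": re.compile(  # captures: claimed host, peer address, local port
        r"incorrect hostname in stream header\. Host: (\S+?)\. .*addr=/([\d.]+),port=\d+,localport=(\d+)"),
    "dialback_failed": re.compile(    # captures: local domain, remote domain
        r"Create outgoing session for: (\S+) to (\S+?)\] - Unable to create a new session: Dialback"),
    "auth_failed": re.compile(        # captures: local domain, remote domain
        r"Authenticate local domain: '([^']+)' to remote domain: '([^']+)'\] - Unable to authenticate"),
}

def s2s_failures(log_text, since=None):
    """Count S2S warnings per (kind, captured fields); skip entries older than `since`."""
    counts = Counter()
    for line in log_text.splitlines():
        line = line.strip()
        stamp = TS_RE.match(line)
        if not stamp:
            continue  # not a timestamped WARN line
        when = datetime.strptime(stamp.group(1), "%Y.%m.%d %H:%M:%S")
        if since is not None and when < since:
            continue
        for kind, pattern in PATTERNS.items():
            hit = pattern.search(line)
            if hit:
                counts[(kind,) + hit.groups()] += 1
    return counts

if __name__ == "__main__":
    for key, n in sorted(s2s_failures(SAMPLE_LOG).items()):
        print(n, *key)
```

Passing the restart time as since should give an empty result once every node has the new policy; any remaining entries show which node or domain pair is still failing.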
