1

Ok , this is a little off . I have a XMPP sever that supports XEP-00178 (SASL-External)(namely : openfire) and I am using Gajim client to test it. Now I created a .p12 file(using openssl) for the registered user on the server with the common name equal to the user name. The .p12 file is encrypted. But when I use the Gajim to add the user's corresponding encrypted .p12 file , it prompts for the pass phrase , which I supply correctly but it just fails with the error :

Unknown error while loading certificate from file /root/sslCA/alice.p12

I tried opening the same alice.p12 using OpenSSL and everything works just great. Would it be wise to remove the password from the .p12 file? or Is there something that I am doing wrong with regards to Gajim?

amrx
  • 673
  • 1
  • 9
  • 23
  • Ok solved this. This is because of the pass phrase passed on as a uni-code. Modified the nbxmpp.tls_nb.py . – amrx May 28 '15 at 15:53
  • have you been able to successfully login using certificates? I am trying to achieve the same. Could you please help? – gyro Jul 29 '15 at 06:23
  • Sorry for the late reply, I was on a holiday. Yes I was able to login using certificates. Server used was openfire and client was Gajim and I had a bunch of client certificates that were signed by a CA that openfire trusts. Little modification needs to be done in the source of Gajim (a type cast of unicode into string). – amrx Aug 03 '15 at 05:12
  • I am sorry to bother you, Could you please list steps if any you have followed to configure openfire to work with client certificates? I posted in their forum as well. No one responded. I see a few blog posts, but could not successfully create one that works, using those instructions. my email address is srinathreddib at gmail.com – gyro Aug 04 '15 at 06:33
  • I will do this today evening (in India) since I am busy right now with a deadline.I do have a wiki page but that's on company's private portal. I cant share that. I will mail you a new wiki or update my blog. – amrx Aug 04 '15 at 07:01
  • Hey man , I will get back to you, I am still stuck in the office :( – amrx Aug 04 '15 at 16:10
  • Thanks a lot! I really appreciate that – gyro Aug 04 '15 at 21:25
  • Hello amrx, did you get a chance to upload the instructions to your blog? I do not know if it is the problem with certificate generation or openfire configuration? Sorry to bug you!! – gyro Aug 06 '15 at 07:19
  • Hello amrx, Could you please share your blog post? I am sorry to bother you during busy schedule. It would be really helpful for me, as I am stuck on this for over 2 weeks now. – gyro Aug 09 '15 at 06:00
  • Give ur mail, will mail the screen shots of the wiki page , really had no time to write up the steps in blog. – amrx Aug 10 '15 at 16:21
  • I am sorry about your schedule. my email id is srinathreddib@gmail.com – gyro Aug 10 '15 at 20:25

0 Answers0