[guardian-dev] chatsecure android failing with jabberd2

Hans-Christoph Steiner hans at guardianproject.info
Tue Apr 21 12:23:53 EDT 2015


Does your XMPP server have a TLS certificate from a certificate provider that
is in your trust store of your device?  That usually means you bought a TLS
certificate, but it can also be achieved in other ways, like using
https://cacert.org and manually including their certs in your device's trust
store.

.hc

Greg Troxel:
> 
> (I sent a version to the otr list before I found this list.)
> 
> I have up-to-date chatsecure from the guardianproject's f-droid
> compatible repo, on android 4.4.2.
> 
> I am trying to connect (without tor) to a private jabberd2 server that I
> admin.  The server requires tls, and works with many clients for ~100
> users, generally without issues.  I connect to it both direct and over
> tor with adium and pidgin.
> 
> On trying to sign in, chatsecure tells me the password is not valid.
> I'm really sure I typed it in right, and the server agrees:
> 
> Sat Apr 18 19:38:51 2015 [notice] [22] [10.1.2.3, port=40015] connect
> Sat Apr 18 19:38:52 2015 [notice] [22] DIGEST-MD5 authentication succeeded: gdt at example.com 10.1.2.3:40015 TLS
> Sat Apr 18 19:38:52 2015 [notice] [22] bound: jid=gdt at example.com/foo
> Sat Apr 18 19:38:52 2015 [notice] session started: jid=gdt at example.com/foo
> Sat Apr 18 19:38:52 2015 [notice] [22] [10.1.2.3, port=40015] disconnect jid=gdt at example.com/foo, packets: 2
> Sat Apr 18 19:38:52 2015 [notice] session ended: jid=gdt at example.com/foo
> Sat Apr 18 19:38:52 2015 [notice] user unloaded jid=gdt at example.com
> 
> This is an actual server log (mix of c2s and sm), with IP address,
> server name, and resource all blinded.
> 
> Someone else is having the same problem with my server with chatsecure
> (including the same success in the log).  However, they are able to log
> into an ejabberd-hosted server.  (I don't have any accounts at an
> ejabberd-hosted server.)
> 
> logcat shows:
> 
> I/Database( 5628): sqlite returned: error code = 284, msg = automatic index on providers(category)
> 
> as well as some happy-looking messages about accepting the certificate.
> 
> Thanks,
> Greg
> 
> 
> 
> _______________________________________________
> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
> To unsubscribe, email:  guardian-dev-unsubscribe at lists.mayfirst.org
> 

-- 
PGP fingerprint: 5E61 C878 0F86 295C E17D  8677 9F0F E587 374B BE81
https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9F0FE587374BBE81

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20150421/6cbbd69e/attachment.sig>


More information about the guardian-dev mailing list