Strophe,js + OpenFire + HTTPS
Troy
OpenFire's port 7443?
If so, has anyone had any successful attempts at this? I can get
Strophe to connect to 7070 unsecured, but I must be doing something
wrong in connecting to 7433.
Jamie Johnson
--
You received this message because you are subscribed to the Google Groups "Strophe" group.
To post to this group, send email to str...@googlegroups.com.
To unsubscribe from this group, send email to strophe+u...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/strophe?hl=en.
Troy Steinbauer
Ilya Braude
it actually generates one when it's first installed.
I just got Proxy with SSL working on my server by enabling the
SSLProxyEngine on
directive.
See [1], for a more complete config. Also see the SSLProxyXXXX
directives at [2].
Ilya
[1]
http://elsid.net/2007/08/31/how-to-get-apache-proxypass-working-with-ssl/
[2] http://httpd.apache.org/docs/2.2/mod/mod_ssl.html
Troy Steinbauer wrote:
> I will try again. I spent a few hours trying to get it to connect and
> kept failing. It must be the apache configuration.
>
> On a side note, Wikipedia's OpenFire
> <http://en.wikipedia.org/wiki/Openfire> page states that it
> can handle SSL connections, but not with self-signed certs. I only
> currently have access to self signed certs. However I do believe I
> found an option in the OpenFire configuration page that allows
> self-signed.
>
> On Fri, Jul 23, 2010 at 6:31 PM, Jamie Johnson <jej...@gmail.com
> <mailto:jej...@gmail.com>> wrote:
>
> I will have to double check our implementation on Monday morning
> but I am 95% sure we have successfully connected libstrope via
> https. If I remember correctly you need to ensure that you have
> your apache proxy forwarding requests for https to the openfire
> server and the page must also be served via https. Again I can
> double check Monday but I believe that is all we needed to do.
>
>
> On Fri, Jul 23, 2010 at 2:12 PM, Troy <troyste...@gmail.com
> <mailto:troyste...@gmail.com>> wrote:
>
> First question: Can Strophe.js handle HTTPS BOSH connection to
> OpenFire's port 7443?
>
> If so, has anyone had any successful attempts at this? I can get
> Strophe to connect to 7070 unsecured, but I must be doing
> something
> wrong in connecting to 7433.
>
> --
> You received this message because you are subscribed to the
> Google Groups "Strophe" group.
> To post to this group, send email to str...@googlegroups.com
> <mailto:str...@googlegroups.com>.
> To unsubscribe from this group, send email to
> strophe+u...@googlegroups.com
> <mailto:strophe%2Bunsu...@googlegroups.com>.
> For more options, visit this group at
> http://groups.google.com/group/strophe?hl=en.
>
>
> --
> You received this message because you are subscribed to the Google
> Groups "Strophe" group.
> To post to this group, send email to str...@googlegroups.com
> <mailto:str...@googlegroups.com>.
> To unsubscribe from this group, send email to
> strophe+u...@googlegroups.com
> <mailto:strophe%2Bunsu...@googlegroups.com>.
Troy Steinbauer
Troy
Strophe over HTTPS when the html is not served over HTTPS. Is this
possible? If so, how?
Simply setting the BOSH_SERVICE to 'https://<HOST>/http-bind/' will
not work if the original page was not served with HTTPS.
On Jul 24, 2:24 pm, Troy Steinbauer <troysteinba...@gmail.com> wrote:
> That first link was very helpful. I got it working, thanks so much.
>
> Now I won't be able to test this till Monday, but is there a way to get it
> to work when the page is not served over SSL? I want to see if I can get
> this running on an iPhone App natively, as in reading the html and
> javascript of the device and not a web host. Guess we will see!
>
>
>
> On Sat, Jul 24, 2010 at 10:38 AM, Ilya Braude <i...@drakontas.com> wrote:
> > OpenFire will do SSL and TLS with self-signed certs just fine. I think it
> > actually generates one when it's first installed.
>
> > I just got Proxy with SSL working on my server by enabling the
> > SSLProxyEngine on
> > directive.
>
> > See [1], for a more complete config. Also see the SSLProxyXXXX directives
> > at [2].
>
> > Ilya
>
> > [1]
>
> > Troy Steinbauer wrote:
>
> >> I will try again. I spent a few hours trying to get it to connect and kept
> >> failing. It must be the apache configuration.
>
> >> On a side note, Wikipedia's OpenFire <
> >>http://en.wikipedia.org/wiki/Openfire> page states that it can handle SSL
> >> connections, but not with self-signed certs. I only currently have access to
> >> self signed certs. However I do believe I found an option in the OpenFire
> >> configuration page that allows self-signed.
>
> >> jej2...@gmail.com>> wrote:
>
> >> I will have to double check our implementation on Monday morning
> >> but I am 95% sure we have successfully connected libstrope via
> >> https. If I remember correctly you need to ensure that you have
> >> your apache proxy forwarding requests for https to the openfire
> >> server and the page must also be served via https. Again I can
> >> double check Monday but I believe that is all we needed to do.
>
>
> >> First question: Can Strophe.js handle HTTPS BOSH connection to
> >> OpenFire's port 7443?
>
> >> If so, has anyone had any successful attempts at this? I can get
> >> Strophe to connect to 7070 unsecured, but I must be doing
> >> something
> >> wrong in connecting to 7433.
>
> >> --
> >> You received this message because you are subscribed to the
> >> Google Groups "Strophe" group.
> >> To post to this group, send email to str...@googlegroups.com
> >> <mailto:str...@googlegroups.com>.
>
> >> To unsubscribe from this group, send email to
> >> <mailto:strophe%2Bunsu...@googlegroups.com<strophe%252Bunsubscribe@goog legroups.com>
>
> >> For more options, visit this group at
> >> http://groups.google.com/group/strophe?hl=en.
>
> >> -- You received this message because you are subscribed to the
> >> Groups "Strophe" group.
> >> To post to this group, send email to str...@googlegroups.com
> >> <mailto:str...@googlegroups.com>.
>
> >> To unsubscribe from this group, send email to
> >> <mailto:strophe%2Bunsu...@googlegroups.com<strophe%252Bunsubscribe@goog legroups.com>
>
> >> For more options, visit this group at
> >> http://groups.google.com/group/strophe?hl=en.
>
> >> --
> >> You received this message because you are subscribed to the Google Groups
> >> "Strophe" group.
> >> To post to this group, send email to str...@googlegroups.com.
> >> To unsubscribe from this group, send email to
> >> For more options, visit this group at
> >>http://groups.google.com/group/strophe?hl=en.
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Strophe" group.
> > To post to this group, send email to str...@googlegroups.com.
> > To unsubscribe from this group, send email to
Jack Moffitt
> Strophe over HTTPS when the html is not served over HTTPS. Is this
> possible? If so, how?
>
> Simply setting the BOSH_SERVICE to 'https://<HOST>/http-bind/' will
> not work if the original page was not served with HTTPS.
Does it work if you use http://<Host>/http-bind/? Ie, still using the
full http URL?
My guess is that unless you are set up for Cross Orgin Resource
Sharing on your connection manager, this is considered a cross-domain
request and will fail.
Another workaround would be to use the strophe.flxhr.js plugin.
jack.
Troy
the page is served unsecurely. I also can connect to https://<HOST>/http-bind/
when the page IS served securely. What I think I would like to do is
connect to the secure BOSH connection from an unsecure page.
The long explanation is that I am trying to make an iPhone app that
reads HTML locally from the phone. When it does this, it does not
allow me to connect to the secure BOSH connection, only the unsecured.
I don't think that the flxhr plugin will work becasue that works by
inserting a flash item into the page right? iPhone can't do flash.
Jack Moffitt
> reads HTML locally from the phone. When it does this, it does not
> allow me to connect to the secure BOSH connection, only the unsecured.
> I don't think that the flxhr plugin will work becasue that works by
> inserting a flash item into the page right? iPhone can't do flash.
I think that CORS headers are your only option. You will probably want
to e-mail the Openfire guys about supporting CORS, hack it yourself
(it's just adding an extra two headers to each HTTP response, so it's
very simple), or use Punjab which can be a connection manager to any
XMPP server and does support CORS.
jack.