3 Replies Latest reply on Sep 16, 2016 5:27 PM by Matze

    Openfire 4.0.3 on centos7 x64 - no admin interface

    Matze

      Hi,

       

      I have a freshly installed centos7 x64

       

      - selinux is disabled (SELINUX=disabled)

      - firewall is disabled (systemctl disable firewalld)

       

      - installed mariadb, created db and dbuser

      - installed glibc.i686 and libldb.i686 and zlib.i686 (out of desparation)

      - installed java-1.8.0-openjdk-headless.x86_64

       

      - downloaded openfire 4.0.3 rpm file, installed with rpm -i openfire-4.0.3-1.i386.rpm

       

      at first, openfire did only listen on ipv6... set the OPENFIRE_OPTS="-Djava.net.preferIPv4Stack=true" setting

      netstat shows

      tcp    0 0.0.0.0:9090        0.0.0.0:*           LISTEN

       

      however, I can not connect to url:9090 or ip:9090

      I did a portscan from external: Discovered open port 9090/tcp on 37.xxx.xxx.xxx

       

      when I try to connect from localhost with w3m 127.0.0.1:9090 it doesnt work

      when I try to connect from external (firefox) at 37.xxx.xxx.xxx:9090 it doesnt work

       

      systemctl status openfire.service shows:

       

      Loaded: loaded (/etc/rc.d/init.d/openfire)

         Active: active (running) since Di 2016-09-13 14:43:46 CEST; 11min ago

           Docs: man:systemd-sysv-generator(8)

        Process: 3609 ExecStop=/etc/rc.d/init.d/openfire stop (code=exited, status=0/SUCCESS)

        Process: 3647 ExecStart=/etc/rc.d/init.d/openfire start (code=exited, status=0/SUCCESS)

      Main PID: 3659 (java)

         CGroup: /system.slice/openfire.service

                 ‣ 3659 /usr/lib/jvm/jre-1.8.0/bin/java -server -Djava.net.preferIPv4Stack=true -DopenfireHome=/opt/openf...

       

      Sep 13 14:43:45 test.url.com systemd[1]: Starting SYSV: Openfire is an XMPP server, which is a server tha...t....

      Sep 13 14:43:45 test.url.com su[3657]: (to daemon) root on none

      Sep 13 14:43:45 test.url.com openfire[3647]: Starting openfire:

      Sep 13 14:43:46 test.url.com systemd[1]: Started SYSV: Openfire is an XMPP server, which is a server that...hat..

      Hint: Some lines were ellipsized, use -l to show in full.

       

      error.log shows:

      2016.09.13 14:43:47 org.jivesoftware.util.JiveGlobals - XML properties file must be writable: security.xml

      2016.09.13 14:43:48 org.jivesoftware.openfire.container.AdminConsolePlugin - An exception occurred while trying to make available the admin console via HTTPS.

       

      all.log shows:

      2016.09.13 14:43:40 INFO  [Thread-0]: org.jivesoftware.openfire.XMPPServer - Server halted

      2016.09.13 14:43:47 INFO  [main]: org.jivesoftware.openfire.XMPPServer - Registering shutdown hook (standalone mode)

      2016.09.13 14:43:47 ERROR [main]: org.jivesoftware.util.JiveGlobals - XML properties file must be writable: security.xml

      2016.09.13 14:43:47 INFO  [main]: org.jivesoftware.openfire.XMPPServer - Openfire 4.0.3 [Sep 13, 2016 2:43:47 PM]

      2016.09.13 14:43:48 ERROR [pool-1-thread-1]: org.jivesoftware.openfire.container.AdminConsolePlugin - An exception occurred while trying to make available the admin console via HTTPS.

      2016.09.13 14:43:49 INFO  [pool-1-thread-1]: org.jivesoftware.util.cache.CacheFactory - Created cache [org.jivesoftware.util.cache.DefaultLocalCacheStrategy] for Favicon Misses

      2016.09.13 14:43:49 INFO  [pool-1-thread-1]: org.jivesoftware.util.cache.CacheFactory - Created cache [org.jivesoftware.util.cache.DefaultLocalCacheStrategy] for Favicon Hits

      2016.09.13 14:43:49 INFO  [pool-1-thread-1]: org.jivesoftware.openfire.container.AdminConsolePlugin - Admin console listening at http://test.url.com:9090

       

      please help, need advice!

        • Re: Openfire 4.0.3 on centos7 x64 - no admin interface
          Jim

          What does the following command show?

           

          sudo nmap -sT -O localhost

            • Re: Openfire 4.0.3 on centos7 x64 - no admin interface
              Matze

              nmap: command not found ...

               

              ok ok!

               

              Starting Nmap 6.40 ( http://nmap.org ) at 2016-09-14 22:04 CEST

              RTTVAR has grown to over 2.3 seconds, decreasing to 2.0 (repeated ~20x)

              Nmap scan report for localhost (127.0.0.1)

              Host is up (0.000047s latency).

              Other addresses for localhost (not scanned): 127.0.0.1

              Not shown: 990 closed ports

              PORT      STATE SERVICE

              25/tcp    open  smtp

              80/tcp    open  http

              143/tcp   open  imap

              389/tcp   open  ldap

              587/tcp   open  submission

              993/tcp   open  imaps

              3306/tcp  open  mysql

              9090/tcp  open  zeus-admin

              10024/tcp open  unknown

              10025/tcp open  unknown

              No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ).

              TCP/IP fingerprint:

              OS:SCAN(V=6.40%E=4%D=9/14%OT=25%CT=1%CU=31852%PV=N%DS=0%DC=L%G=Y%TM=57D9AD5

              OS:2%P=x86_64-redhat-linux-gnu)SEQ(SP=FE%GCD=1%ISR=108%TI=Z%CI=I%II=I%TS=A)

              OS:OPS(O1=MFFD7ST11NW7%O2=MFFD7ST11NW7%O3=MFFD7NNT11NW7%O4=MFFD7ST11NW7%O5=

              OS:MFFD7ST11NW7%O6=MFFD7ST11)WIN(W1=AAAA%W2=AAAA%W3=AAAA%W4=AAAA%W5=AAAA%W6

              OS:=AAAA)ECN(R=Y%DF=Y%T=40%W=AAAA%O=MFFD7NNSNW7%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=

              OS:O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD

              OS:=0%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0

              OS:%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1

              OS:(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI

              OS:=N%T=40%CD=S)

               

              Network Distance: 0 hops

               

              OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .

              Nmap done: 1 IP address (1 host up) scanned in 11.84 seconds