MacCentric Solutions is an Apple-certified Macintosh consultancy & systems integrator serving the San Francisco Bay Area.
Have you configured an SSL certificate with Jabber Server on Leopard Server, only to find you can’t make any client connections?
Check out the Jabber service log in Server Admin. If you see the error, “failed to load local SSL pemfile, SSL will not be available to clients,” then the following steps will probably fix it for you.
1. Edit the file /etc/jabberd/c2s.xml (I prefer to use the pico text editor via Terminal, though any editor that will allow you root access to the file will work).
2. Comment out the lines beginning with <cachain> — there are two <cachain> lines; make sure you comment them both!
3. Make sure the all the lines beginning with <pemfile> point to the correct .crtkey file in /etc/certificates. If you’re not using the Default self-signed SSL certificate, for some reason Server Admin will not put the correct path to your signed certificate. Note: there are two <pemfile> lines; make sure you check them both!
We’re not sure why commenting out the <cachain> lines is necessary; if one is using a chained SSL certificate, it would make sense that these lines are required! We surmise the reason is that when you install an SSL certificate in Server Admin, you generally provide the chain file path during the installation; thus, providing it in the c2s.xml file would be redundant. However, this is just our guess.
(Note: your SSL certificate signing authority can tell you whether the SSL certificate you use requires chain files. However, as noted above, it seems to be irrelevant for the proper functioning of Jabber service as long as the certificate is properly installed in Server Admin.)