Re: Federation appears successful but can't see changes

[Rob]

On Jan 18, 6:42 pm, Jochen Bekmann <joc...@google.com> wrote:
> For now you need to disable Chat support on your Google domain admin page.

Ahh, on the Google Domain page, okay.  I thought you meant for my XMPP
server, which seemed odd.


> On Tue, Jan 19, 2010 at 11:03 AM, Rob <rkcor...@gmail.com> wrote:
> >  Also, is the error I mentioned something
> > to worry about? It's the following:
>
> > SEVERE: Failed to add our own signer info to the certificate store
> > org.waveprotocol.wave.crypto.SignatureException: Certificate
> > validation failure
>
> That looks like the certificate signed by your CA is either
> incorrectly configured or it's a CA not recognized by FedOne. Since
> you said earlier that "check-certificates" reported no problems, could
> you please give us some more information ? For starters which CA you
> used to get your certificate. You can check your cert using the
> following:
>
> openssl x509 -in <your certificate file> -text

It's an XMPP certificate signed by StartCom.  AFAIK, I followed the
installation guide step by step.

[r...@vps wave-protocol]# openssl x509 -in traitwise.com.cert.pem -
text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 67198 (0x1067e)
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=IL, O=StartCom Ltd., OU=Secure Digital Certificate
Signing, CN=StartCom Class 1 Primary Intermediate Server CA
        Validity
            Not Before: Jan  8 07:50:28 2010 GMT
            Not After : Jan  9 15:02:14 2011 GMT
        Subject: description=125499-qjkJ02avHDoCm56T, C=US, O=Persona
Not Validated, OU=StartCom Free Certificate Member,
CN=component.traitwise.com/emailaddress=webmas...@traitwise.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (2048 bit)
                Modulus (2048 bit):
                    00:c6:90:df:b0:ce:48:ed:25:71:2f:a1:56:d3:91:
                    20:81:c8:b8:a5:44:c3:9d:3b:73:83:a5:3a:77:01:
                    00:b8:88:df:8f:ba:8d:5d:5c:5e:c8:4b:09:41:8c:
                    54:ce:5b:9b:68:50:bc:2b:ef:05:a4:a7:78:41:1d:
                    78:75:ec:b4:ad:8b:c0:8a:02:af:6a:b6:2b:73:09:
                    f2:05:21:b3:86:9a:5d:00:20:ed:b6:74:8d:ee:0b:
                    b2:ca:17:16:01:7f:02:75:04:30:fb:9f:c8:04:bf:
                    3e:cd:fc:40:64:0f:99:05:bc:bf:23:d3:f8:d1:9e:
                    09:87:fd:8c:32:1b:69:a8:c8:5c:a0:aa:53:8e:9c:
                    56:76:03:a9:2a:18:94:67:97:2d:4c:df:d6:98:f5:
                    00:21:85:ed:fb:21:f7:df:90:7a:0d:5d:43:f1:c4:
                    9b:0d:04:8a:99:fb:9c:2b:c7:fc:e9:22:08:45:be:
                    1b:a5:54:f5:52:cc:84:5f:90:bb:58:37:92:a6:85:
                    bc:6d:60:ab:79:20:ba:57:35:d9:a2:c7:36:a5:98:
                    3d:ec:ac:fb:17:0d:12:62:ba:2b:fc:cc:89:d0:6d:
                    eb:39:5d:9d:ce:91:02:78:c2:41:2b:f4:9e:4a:f3:
                    52:e8:58:c5:25:18:26:0b:34:10:7e:62:41:8c:39:
                    ac:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints:
            CA:FALSE
            X509v3 Key Usage:
            Digital Signature, Key Encipherment, Key Agreement
            X509v3 Extended Key Usage:
            TLS Web Server Authentication
            X509v3 Subject Key Identifier:
            8D:CD:68:C4:EF:2A:C9:10:85:FC:E7:33:4E:9D:A3:E0:E2:A4:2D:
01
            X509v3 Authority Key Identifier:
            keyid:EB:42:34:D0:98:B0:AB:9F:F4:1B:6B:08:F7:CC:64:2E:EF:
0E:2C:45

            X509v3 Subject Alternative Name:
            DNS:component.traitwise.com, DNS:traitwise.com,
othername:<unsupported>, othername:<unsupported>
            X509v3 Certificate Policies:
            Policy: 1.3.6.1.4.1.23223.1.2.1
              CPS: http://www.startssl.com/policy.pdf
              CPS: http://www.startssl.com/intermediate.pdf
              User Notice:
                Organization: StartCom Ltd.
                Number: 1
                Explicit Text: Limited Liability, see section *Legal
Limitations* of the StartCom Certification Authority Policy available
at http://www.startssl.com/policy.pdf

            X509v3 CRL Distribution Points:
            URI:http://www.startssl.com/crt1-crl.crl
            URI:http://crl.startssl.com/crt1-crl.crl

            Authority Information Access:
            OCSP - URI:http://ocsp.startssl.com/sub/class1/server/ca
            CA Issuers - URI:http://www.startssl.com/certs/
sub.class1.server.ca.crt

            X509v3 Issuer Alternative Name:
            URI:http://www.startssl.com/
    Signature Algorithm: sha1WithRSAEncryption
        1f:af:36:ba:4e:5f:17:25:8b:06:2b:37:24:b2:48:5f:1c:48:
        cf:a0:c6:1f:4d:60:40:06:a3:fa:c0:50:42:ef:1b:e2:1b:5a:
        87:5d:cd:28:de:f9:a2:63:d5:37:d6:4e:e6:69:27:c2:f3:19:
        3c:30:fa:d8:b5:56:55:21:7d:d8:68:7e:58:ba:df:f0:ba:ac:
        1c:5a:5b:65:7f:75:e0:88:1f:6d:18:e2:49:cf:cd:3d:c2:e1:
        98:a4:d0:2b:53:cc:77:2b:0a:85:c6:6a:fa:83:fa:86:40:7c:
        9f:d8:76:09:47:f7:f9:e6:79:7d:89:51:ea:c9:cb:83:74:90:
        6e:60:28:91:40:19:ec:5a:a9:90:b8:77:0a:6d:f5:12:94:f8:
        ad:dc:f7:44:82:88:a1:32:fb:01:8d:44:85:22:0f:17:45:f9:
        4b:84:0a:88:bd:c5:d9:14:13:02:7c:80:9c:74:3b:70:f3:2a:
        65:8d:3c:7f:2e:0d:b5:a3:20:07:e0:41:40:f8:ec:ef:1c:1a:
        05:a0:29:20:64:7e:cc:3b:01:4c:23:99:78:c8:e6:69:e1:e5:
        a0:a7:36:d5:b9:82:44:9c:c0:aa:10:7b:cd:ff:7d:86:79:76:
        34:47:71:9e:45:52:ce:a5:d0:dc:78:46:bd:43:85:89:bd:ca:
        0b:ff:9d:d7


-- 
You received this message because you are subscribed to the Google Groups "Wave 
Protocol" group.
To post to this group, send email to wave-proto...@googlegroups.com.
To unsubscribe from this group, send email to 
wave-protocol+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/wave-protocol?hl=en.