Jabber-net connect to Cisco Jabber

[cguanes]

I'm trying to connect to Cisco Jabber using the send message example but it looks like Cisco Jabber requires some "legacy ssl" connection which I'm not sure what exactly it mean.
I tried using System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls;
but I keep getting "Not-authorized" with the j.SSL = false;
if I change to True, I get " Authentication failed because the remote party has closed the transport stream."
We have Jetbrains youtrack installed and it is working with Jabber integration with the option "legacySSL=On"

How can I make this work with Cisco XMPP ?

Thanks

[ForNeVeR]

We already had a conversation about some Cisco product, but for now I still have no idea what the "CISCO CUCM" or "Cisco Jabber" is :(

Could you please show a stacktrace and some application logs?

[ForNeVeR]

If you would explain to me what is the "legacy SSL" and how's it different from the "actual SSL", then I could try to fix the issue in the library.

[cguanes]

I believe the error that I'm getting is similar to the other conversation on "CISCO CUCM".
Unfortunately I don't know what Jetbrains Youtrack implemented as "LegacySSL" either. And I couldn't find more information googling for it.
It shows the same thing in Jenkins, maybe this can help: https://issues.jenkins-ci.org/browse/JENKINS-2699. Maybe the connection need to fall to SSL2 or SSL1

[ForNeVeR]

Alright, this sheds some light onto what the "legacy SSL" is: https://github.com/RestComm/jain-slee.xmpp/blob/77cfa474c0e04a38f6f854837fbd7fcfd4e216f2/resources/xmpp/library/src/main/java/org/jivesoftware/smack/SSLXMPPConnection.java

So, the modern approach seem to be to use a dedicated SSL port, and this one just dynamically negotiates SSL over the existing port.

[cguanes]

That is great!, trying to use older security protocols didn't make any sense (and I could not find the way to do that in w10) Then I read somebody talking about using port 5223, but doing just that didn't work either (too simples to be true). Sent from mobile

…

On Oct 26, 2019, at 1:57 AM, Friedrich von Never ***@***.***> wrote:  Alright, this sheds some light onto what the "legacy SSL" is: https://github.com/RestComm/jain-slee.xmpp/blob/77cfa474c0e04a38f6f854837fbd7fcfd4e216f2/resources/xmpp/library/src/main/java/org/jivesoftware/smack/SSLXMPPConnection.java So, the modern approach seem to be to use a dedicated SSL port, and this one just dynamically negotiates SSL over the existing port. — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or unsubscribe.

[cguanes]

Alright, this sheds some light onto what the "legacy SSL" is: https://github.com/RestComm/jain-slee.xmpp/blob/77cfa474c0e04a38f6f854837fbd7fcfd4e216f2/resources/xmpp/library/src/main/java/org/jivesoftware/smack/SSLXMPPConnection.java

So, the modern approach seem to be to use a dedicated SSL port, and this one just dynamically negotiates SSL over the existing port.

Will you be able to implement something like that?
Right now this is what I'm getting (replaced domain.com)
(using SSL = false)
SEND: <stream:stream xmlns:stream="http://etherx.jabber.org/streams" id="cedb8676" xmlns="jabber:client" to="domain.com" version="1.0">
RECV: <stream:stream xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client' xml:lang='en-US.UTF-8' id='18B27853BF4C' from='domain.com' version='1.0'>
RECV: stream:features</stream:features>
SEND:
RECV:
SEND: <stream:stream xmlns:stream="http://etherx.jabber.org/streams" id="b54f621e" xmlns="jabber:client" to="domain.com" version="1.0">
RECV: <stream:stream xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client' xml:lang='en-US.UTF-8' id='18B27853BF4C' from='domain.com' version='1.0'>
RECV: stream:featuresPLAINCISCO-VTG-TOKENOAUTHBEARER</stream:features>
SEND: AG93YW5qYWJiZXJAcnRhLmNvbQBJd2FuZW1hNzh5ZXM=
RECV:

When I use SSL=True, I just get the error "Authentication failed because the remote party has closed the transport stream."

[ForNeVeR]

I believe so.