So, part of my lunch time fun task was to try and get the latest Google Wave FedOne server code working against one of my XMPP servers – sure, no problem, i’m an “XMPP Guru” right…

Yea, except for the damn thing is written in Java so any error message involves spelunking thru 3 screens worth of tracebacks :)

For example, I was trying to startup the server and kept getting this error:

Exception in thread “main” com.google.inject.ProvisionException: Guice provision errors:
1) Error injecting constructor, java.lang.ArrayIndexOutOfBoundsException: -126
at org.waveprotocol.wave.examples.fedone.waveserver.WaveSignerProvider.<init>(WaveSignerProvider.java:60)
at org.waveprotocol.wave.examples.fedone.waveserver.WaveSignerProvider.class(WaveSignerProvider.java:39)
while locating org.waveprotocol.wave.examples.fedone.waveserver.WaveSignerProvider
while locating org.waveprotocol.wave.crypto.WaveSigner
for parameter 1 at org.waveprotocol.wave.examples.fedone.waveserver.CertificateManagerImpl.<init>(CertificateManagerImpl.java:76)
while locating org.waveprotocol.wave.examples.fedone.waveserver.CertificateManagerImpl
at org.waveprotocol.wave.examples.fedone.waveserver.WaveServerModule.configure(WaveServerModule.java:79)
while locating org.waveprotocol.wave.examples.fedone.waveserver.CertificateManager
for parameter 0 at org.waveprotocol.wave.examples.fedone.waveserver.WaveServerImpl.<init>(WaveServerImpl.java:395)
at org.waveprotocol.wave.examples.fedone.waveserver.WaveServerImpl.class(WaveServerImpl.java:65)
while locating org.waveprotocol.wave.examples.fedone.waveserver.WaveServerImpl
at org.waveprotocol.wave.examples.fedone.waveserver.WaveServerModule.configure(WaveServerModule.java:81)
while locating org.waveprotocol.wave.examples.fedone.waveserver.WaveServer
while locating org.waveprotocol.wave.examples.fedone.waveserver.WaveletFederationProvider annotated with @org.waveprotocol.wave.examples.fedone.waveserver.FederationHostBridge()
for parameter 0 at org.waveprotocol.wave.examples.fedone.federation.xmpp.XmppFederationHost.<init>(XmppFederationHost.java:60)
at org.waveprotocol.wave.examples.fedone.federation.xmpp.XmppFederationHost.class(XmppFederationHost.java:45)
while locating org.waveprotocol.wave.examples.fedone.federation.xmpp.XmppFederationHost
for parameter 7 at org.waveprotocol.wave.examples.fedone.federation.xmpp.WaveXmppComponent.<init>(WaveXmppComponent.java:159)
at org.waveprotocol.wave.examples.fedone.federation.xmpp.WaveXmppComponent.class(WaveXmppComponent.java:54)
while locating org.waveprotocol.wave.examples.fedone.federation.xmpp.WaveXmppComponent1 error
at com.google.inject.internal.InjectorImpl$4.get(InjectorImpl.java:770)
at com.google.inject.internal.InjectorImpl.getInstance(InjectorImpl.java:796)
at org.waveprotocol.wave.examples.fedone.ServerMain.run(ServerMain.java:61)
at org.waveprotocol.wave.examples.fedone.ServerMain.main(ServerMain.java:50)
Caused by: java.lang.ArrayIndexOutOfBoundsException: -126
at org.apache.commons.codec.binary.Base64.isBase64(Base64.java:137)

After foolishly trying to Google for that Java exception (lots of hits with nothing to do with Google Wave) I figured – let me go read the instructions again…

Buried (well, ok, not buried but still it is at the bottom of the page) on this Certificates page, which is linked from the install page, is a command line example that holds the key clue:

openssl pkcs8 -topk8 -nocrypt -out ssl.key.der < ssl.key.pem

I also had to convert the certificate from PEM:

openssl x509 -in ssl.cert.pem -inform PEM -out ssl.cert.der -outform DER

and to be safe/certain, I stored both of them local to the wave component.

The code is expecting the key and the certificate to be in PKCS8-PEM format and not just plain PEM format. Hope this helps someone find the solution faster than I did :)

note: edited to include more detail on the openssl commands to convert key and certificate

In order to start testing some code with the new Google Wave federation server I was setting up a new XMPP server and ran into a small glitch when I got to the SSL Cert part of the install :) (I *always* have trouble with ssl certs it seems, been doing this stuff for years and *still* get it wrong!)

What the certificate sites don’t normally tell you is that you need to include the Certificate Authority’s (aka CA) root certificate along with your new site certificate – that way when the remote user/client requests your cert it has all of the authority chain it needs in one handy package. The way to do this is to simply append the CA’s cert (they are just ASCI files after all) after your site cert:

cat ca.cert site.cert > /etc/ssl/certs/foo.cert

After doing that restart your XMPP server and it should work!

If you are taking advantage of StartCom’s free XMPP Certificate, then you need to download the proper one – they don’t make it easy to find!

http://www.startssl.com/certs/sub.class1.server.ca.pem

Much thanks to the Prosody team (MattJ, Flo and darkrain) for the debugging help to figure all of this out!

Came back into the office to what had to be the tail end of Dax doing some hacking :)

And here it just looks like he has spent all night reading the FriendFeed stream.

But most of the time, this is how I find my desk in the morning.

A great quote I just heard while listening to Merlin Mann’s latest video:

A knowledge worker has to figure out his or her own job every day and then do something about it.

That really made me sit up and take notice because it’s something I have to do every day myself when I switch between doing developer support, tools management, server support and operations – and that’s just the $dayjob.

I’ve often wondered why, as I sit at the end of the day, i’ve looked at my todo list and very few items have been worked on but yet i’ve done a full days work.

Again, just an observation about the obvious probably :) – have no idea if it’s needs fixing or not.

I often get back to my office and find that Dax, one of the four stray cats we’ve adopted, has decided that my desk is now his.

Here is Dax:

I’ll have to find a better picture of him later – but even this picture shows him crawling out from behind the cubby-hole I put all of the switches and routers.

This morning I entered the office and found the laptop lid closed (i’ve been leaving it partially open to prevent him from laying on the keyboard) so I opened it and started the day. About an hour or so into the day I go to click on one of my bookmark toolbar links and find that a new one has appeared and it’s named “ZZZZZZZZZZZ” and points to http://Z/

So, not only did he manage to get on the keyboard, but also to pop up the browser save dialog box *and* save a new bookmark!

After telling that to my SBH she said I should blog about it, so I am :) I’m sure there will be more Dax Diary entries to come.