using Pidgin with CISCO Jabber
… because one can use FLOSS to chat, XMPP is an open standard, and an offical client is not available for GNU/Linux.
Step by Step
Prepare
- download Pidgin (if no recent versions are available for a given distribution, one can use flatpak)
- install openssl
- have a registered CUCM account and enable "Password for third-party XMPP clients" in TK-Portal1.
Basics
-
So which server do we have to talk to?
From my experience,cucm-imp-1.itc.rwth-aachen.de
does just fine for XMPP. -
Which login to use?
The user id seems to be in the formlastName.institute@uc.rwth-aachen.de
.
A password can be set in the TK-Portal1 with the option "Password for third-party XMPP clients".
The Certificate
Sadly, the server to which to connection is established, uses a self-signed certificate. Obviously, the client will complain about it. It is necessary to explicitly allow this cert.
$ openssl s_client -connect cucm-imp-1.pbx.rwth-aachen.de:5222 -starttls xmpp
CONNECTED(00000003)
depth=0 C = DE, O = RWTH Aachen, OU = IT Center, CN = cucm-imp-1-EC.pbx.rwth-aachen.de, ST = Nordrhein-Westfalen, L = Aachen
verify error:num=18:self signed certificate
verify return:1
depth=0 C = DE, O = RWTH Aachen, OU = IT Center, CN = cucm-imp-1-EC.pbx.rwth-aachen.de, ST = Nordrhein-Westfalen, L = Aachen
verify return:1
---
# [...]
Server certificate
-----BEGIN CERTIFICATE-----
# [...]
-----END CERTIFICATE-----
# [...]
The certificate can be copied from the output and saved to a file.
Something like cucm-imp-1.pbx.rwth-aachen.de.pem
.
In Pidgin, under > Tools > Certificates all stored certificates are shown and the new one can be added.
Adding an Account
In Pidgin, under > Accounts > Manage Accounts, a new account can be added:
- Tab Basics
- Protocol: XMPP
-
Username: somthing in the form of
lastName.institute
should work (see "Basics" above) - Domain: uc.rwth-aachen.de
- Resource (optional): a fancy name for the client as shown to XMPP contacts
- Password: the password set in TK-Portal1 (see "Basics" above)
- Tab Advanced
- Connection security: Require encryption
- Connect port: 5222
- Connect server: cucm-imp-1.pbx.rwth-aachen.de
Now the account should be ready to use. Happyt chatting!
Additional Features
Join Group Chats
- Under > Tools > Plug-ins enable "XMPP Service Discovery".
- Open > Tools > XMPP Service Discovery > XMPP Service Discovery.
- Press the "Browse" button.
- Enter
uc.rwth-aachen.de
when asked "Select XMPP server to query" and press the "Find Services" button. - In the list there should appear some "conference-…" entries with the description "Text Conferencing"
- Expand those entries and scroll trough the list of available group chats.
- Double-clicking a group chat will open a dialog "Add Chat" to add this chat to ones account.
- It might be necessary to enter a password here.
- The process is completed by pressing the "Add" button.
- Now an existing group chat was added to the contact/chat list and can be accessed from there. (If the account is permitted to join.)
Creating Group Chats
- Open > Buddies > Add Chat.
- Execute the service discovery as for joining a chat, to get available conference servers and check for used room named.
- For the field Server choose one of the conference servers.
- For the field Room choose an identifier not already taken.
- Press the "Add" button.
- In the chat/contact list, navigate to the added room and double-click it.
- A "Create New Room" promt should appear.
- There one can either accept the defaults or proceed with customising the room settings (user limit, who can join, password, etc.).
- Now the room can be double-clicked again and a chat window should open.
- Users can be invited using "> Conversation > Invite".
Be Aware
- This XMPP server does not support federated chatting and will refuse to talk to users on other XMPP servers, like jabber.rwth-aachen.de.
- This XMPP server does not store messages itself, only the local history is available.
- This is not an officially supported way of using the system! Use at your own risk!
Footnotes
-----BEGIN CERTIFICATE-----
MIIDBTCCAoygAwIBAgIQS9g2WKHl+pQx/flPxCbWqDAKBggqhkjOPQQDAzCBkTEL
MAkGA1UEBhMCREUxFDASBgNVBAoMC1JXVEggQWFjaGVuMRIwEAYDVQQLDAlJVCBD
ZW50ZXIxKTAnBgNVBAMMIGN1Y20taW1wLTEtRUMucGJ4LnJ3dGgtYWFjaGVuLmRl
MRwwGgYDVQQIDBNOb3JkcmhlaW4tV2VzdGZhbGVuMQ8wDQYDVQQHDAZBYWNoZW4w
HhcNMTkwNzAyMTMwNDQ2WhcNMjQwNjMwMTMwNDQ1WjCBkTELMAkGA1UEBhMCREUx
FDASBgNVBAoMC1JXVEggQWFjaGVuMRIwEAYDVQQLDAlJVCBDZW50ZXIxKTAnBgNV
BAMMIGN1Y20taW1wLTEtRUMucGJ4LnJ3dGgtYWFjaGVuLmRlMRwwGgYDVQQIDBNO
b3JkcmhlaW4tV2VzdGZhbGVuMQ8wDQYDVQQHDAZBYWNoZW4wdjAQBgcqhkjOPQIB
BgUrgQQAIgNiAAQlVMXRdEg+wToqEzNNC4kPbv6tIR0Emgdd3AEqn9E4zPdK9aCy
Sb6z6qrp5kdXei1hNglLYq1UFpMXOsneEx7yjslud0ajIo9CRmSqGEMK1Kn81Udh
A6JcCiOS5ExN0CCjgaYwgaMwCwYDVR0PBAQDAgK8MCcGA1UdJQQgMB4GCCsGAQUF
BwMBBggrBgEFBQcDAgYIKwYBBQUHAwUwHQYDVR0OBBYEFBeBrPLJf8o8ZGNB/ACj
VYsTGnlPMBIGA1UdEwEB/wQIMAYBAf8CAQAwOAYDVR0RBDEwL4IdY3VjbS1pbXAt
MS5wYngucnd0aC1hYWNoZW4uZGWCDnJ3dGgtYWFjaGVuLmRlMAoGCCqGSM49BAMD
A2cAMGQCMH26ArFEb17+F9qtYwDMQzbFpmoaR3brp8VhKxw7b2uox4dVRaC7PWyP
3cprIw6pGwIwXLzsdrSe8aPjC0SPBUrtMsFTY8f495OnQaweO5hjmk9a+Rj4Dixa
E4vqEED252Ui
-----END CERTIFICATE-----