Complete guide on how to install Openfire XMPP chat server on Centos 7.x

Openfire is a powerful instant messaging (IM) and chat server using the XMPP / Jabber protocol. Openfire is a very popular Messaging (Chat) and Presence Server, it is the basis of a series of products using XMPP, and it is said to be extensible, which means that its features can be enhanced, especially using plugins such as Asterisk IM There are many more plugins like this.

For Ubuntu 18.04 / Ubuntu 16.04, please check: How to install Openfire XMPP chat server on Ubuntu 18.04 / Ubuntu 16.04

Openfire can also be defined as a real-time collaboration (RTC) server that requires clients to use it, but a large number of clients supporting the XMPP protocol are available. The most popular product designed by the same developer for Openfire is Spark.

XMPP (Extensible Messaging and Status Protocol) is a widely used open protocol for instant messaging. It is an XML-based real-time communication protocol (including chat).
Openfire provides some cool features, such as:

  • MySQL, Oracle, PostgreSQL and embedded databases support user details and message storage.
  • LDAP integration support
  • Supports both TLS and SSL for security
  • Web GUI Configuration Manager
  • Spark IM client integration
  • Many plugins to extend its functionality
  • Clustering to avoid single points of failure
  • Integration with other external IM servers

The installation of Openfire is very simple and we will cover it in this document. Since we are using CentOS server, you need to install and update / upgrade CentOS server. If you are a fresh install of CentOS, the first tasks performed after a fresh install of CentOS 7 Minimum may help.

You can get the latest stable CentOS distribution from (if it is not done yet).
Please follow the steps below to install.

Step 1: Update and upgrade the system

# yum -y update
# yum -y upgrade 
# yum -y install wget
# cd /tmp/

Step 2: Download and install all required packages

You need to install the following packages

  • MariaDB: Manage Database System
  • zlib and glibc libraries
  • Open fire

1. Install the required missing libraries.

 [[email protected] ~]# yum -y install epel-release
 [[email protected] ~]# yum -y install glibc.i686
 [[email protected] ~]# yum -y install zlib.i686 libstdc++.i686

2. Download and install the JDK (optional).

[pastacode lang=”bash” message=”” highlight=”” provider=”manual” manual=”%C2%A0%5Broot%40openfire-cloud%20~%5D%23%20mkdir”/]

Add the following lines to the end of the / etc / profile file.

 [[email protected] ~]# vim /etc/profile

Then add the following to the end of the file.

export JAVA_HOME=/usr/java/default
export PATH=$PATH:$JAVA_HOME/bin
export CLASSPATH=.:$JAVA_HOME/jre/lib:$JAVA_HOME/lib:$JAVA_HOME/lib/tools.jar

Source file / etc / profile.

 [[email protected] ~]# source /etc/profile

Your Java environment should be successfully installed.

3. Install Java Connector for mysql

 [[email protected] ~]# yum install java libldb.i686 mysql-server mysql-connector-java

4. Download and install Openfire
Download the Openfire package. You can get the latest version from the download link. At the time of this writing, the latest version is Openfire 4.2.3. I will download it using wget.

# wget 
-O openfire-4.2.3.rpm

Install it now:

# yum localinstall openfire-4.2.3.rpm

Configure PAM for Openfire

# cp -Rp /etc/pam.d/system-auth /etc/pam.d/openfire

Change the user running the Openfire daemon from the daemon to root

# vim /etc/sysconfig/openfire

Launch Openfire and make it launch at startup

# systemctl start openfire.service
# chkconfig openfire on

Confirm it is running

# systemctl status openfire

Complete guide on how to install Openfire XMPP chat server on Centos 7.x

Install and configure MariaDB database

 [[email protected] ~]# yum -y install mariadb-server mariadb
 [[email protected] ~]# systemctl start mariadb
 [[email protected] ~]# systemctl enable mariadb

Confirm that the database is running

[[email protected] ~]# systemctl status mariadb
● mariadb.service - MariaDB database server
   Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled)
   Active: active (running) since Fri 2016-03-25 10:27:39 EAT; 1h 30min ago
 Main PID: 2127 (mysqld_safe)
   CGroup: /system.slice/mariadb.service
           ├─2127 /bin/sh /usr/bin/mysqld_safe --basedir=/usr
           └─2394 /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql...

Mar 25 10:27:35 openfire-cloud systemd[1]: Starting MariaDB database server...
Mar 25 10:27:36 openfire-cloud mysqld_safe[2127]: 160325 10:27:36 mysqld_safe...
Mar 25 10:27:36 openfire-cloud mysqld_safe[2127]: 160325 10:27:36 mysqld_safe...
Mar 25 10:27:39 openfire-cloud systemd[1]: Started MariaDB database server.
Hint: Some lines were ellipsized, use -l to show in full.
[[email protected] ~]#

Configuration database

 [[email protected] ~]# mysql_secure_installation

When asked for the database password, press Enter (if not already set). Then set the root password and save the changes.

[pastacode lang=”bash” message=”” highlight=”” provider=”manual” manual=”%C2%A0%5Broot%40openfire-cloud%20~%5D%23%20mysql%20-u%20root%20-p%0AMariaDB%3E%20create%20database%20openfire%3B%0AMariaDB%3E%20GRANT%20ALL%20PRIVILEGES%20ON%20openfire.*%20TO%20openfire%40localhost%20IDENTIFIED%20BY%20’openfire’%3B%0AMariaDB%3E%20flush%20privileges%3B%20%0AMariaDB%3E%20use%20openfire%3B%0AMariaDB%3E%20source%20%2Fopt%2Fopenfire%2Fresources%2Fdatabase%2Fopenfire_mysql.sql%3B%0AMariaDB%3E%20exit%C2%A0″/]

If you are running a firewall firewall, you must accept allowed packets on TCP ports 9090 and 9091

firewall-cmd --zone=public --add-port=9090/udp --permanent
firewall-cmd --zone=public --add-port=9090/tcp --permanent 
firewall-cmd --zone=public --add-port=9091/udp --permanent
firewall-cmd --zone=public --add-port=9091/tcp --permanent

Reload the Firewalld daemon

 [[email protected] ~]# firewall-cmd --reload

To access the GUI, you will use the server’s IP address and port 9090. First, install the net-tools package to check the IP address of the openfire server using ifconfig.

 [[email protected] ~]# yum -y install net-tools
 [[email protected] ~]# ifconfig

Complete guide on how to install Openfire XMPP chat server on Centos 7.x

You can also use the ip addr show command to get your IP address.

 [[email protected] ~]# ip addr show

To access the Openfire website management interface, use;

Complete guide on how to install Openfire XMPP chat server on Centos 7.x

Select the default language and click Continue. On the server settings, set up your domain and click the Continue button.

Complete guide on how to install Openfire XMPP chat server on Centos 7.x

We will use the following configuration parameters.
Database driver preset: MySQL
JDBC driver class: com.mysql.jdbc.Driver
Database URL: jdbc: mysql: // useUnicode = true & characterEncoding = UTF-8 & characterSetResults = UTF-8
Username: openfire
Password: openfire

Complete guide on how to install Openfire XMPP chat server on Centos 7.x

Complete guide on how to install Openfire XMPP chat server on Centos 7.x

Click Continue and use the default options in the profile settings; if you have an LDAP server and users are using systems in the network, you can choose LDAP.

Screenshot 2
Then proceed to set the user email and administrator user password. Then complete the installationScreenshot 4

On the Login page, enter admin as the username and use the password you set in the previous step.

திரைபிடிப்பு2013-09-24 12_23_08

You should now see the Server Manager window.

Complete guide on how to install Openfire XMPP chat server on Centos 7.x
that’s it. The next article will cover adding users and implementing a simple communication network.

extra information

Open port in firewall
If you are using iptables, you may need to open the port used by the openfire and Openfire client connection ports. These ports are 5222, 7777, 9090, 9091 of udp and tcp. Replace eth1 with your network interface card.

[pastacode lang=”bash” message=”” highlight=”” provider=”manual” manual=”iptables%20-A%20INPUT%20-p%20tcp%20-i%20eth1%20%E2%80%93dport%205222%20-j%20ACCEPT%0Aiptables%20-A%20INPUT%20-p%20udp%20-i%20eth1%20%E2%80%93dport%205222%20-j%20ACCEPT%0Aiptables%20-A%20INPUT%20-p%20tcp%20-i%20eth1%20%E2%80%93dport%207777%20-j%20ACCEPT%0Aiptables%20-A%20INPUT%20-p%20udp%20-i%20eth1%20%E2%80%93dport%207777%20-j%20ACCEPT%0Aiptables%20-A%20INPUT%20-p%20tcp%20-i%20eth1%20%E2%80%93dport%209090%20-j%20ACCEPT%0Aiptables%20-A%20INPUT%20-p%20udp%20-i%20eth1%20%E2%80%93dport%209090%20-j%20ACCEPT%0Aiptables%20-A%20INPUT%20-p%20tcp%20-i%20eth1%20%E2%80%93dport%209091%20-j%20ACCEPT%0Aiptables%20-A%20INPUT%20-p%20udp%20-i%20eth1%20%E2%80%93dport%209091%20-j%20ACCEPT”/]

Now, reload iptables to affect the changes.

# iptables-restore < /etc/sysconfig/iptables

If you are using firewalld, here is the complete list of commands to run.

[pastacode lang=”bash” message=”” highlight=”” provider=”manual” manual=”firewall-cmd%20–zone%3Dpublic%20–add-port%3D9090%2Fudp%20–permanent%C2%A0%0Afirewall-cmd%20–zone%3Dpublic%20–add-port%3D9090%2Ftcp%20–permanent%0Afirewall-cmd%20–zone%3Dpublic%20–add-port%3D5222%2Fudp%20–permanent%0Afirewall-cmd%20–zone%3Dpublic%20–add-port%3D5222%2Ftcp%20–permanent%0Afirewall-cmd%20–zone%3Dpublic%20–add-port%3D9091%2Fudp%20–permanent%0Afirewall-cmd%20–zone%3Dpublic%20–add-port%3D9091%2Ftcp%20–permanent%0Afirewall-cmd%20–zone%3Dpublic%20–add-port%3D7777%2Fudp%20–permanent%0Afirewall-cmd%20–zone%3Dpublic%20–add-port%3D7777%2Ftcp%20–permanent”/]

Reload the firewall:

 [[email protected] ~]# firewall-cmd --reload

To get the list of ports we added to the public zone, run:

[[email protected]]~# firewall-cmd --list-ports   
9090/udp 5061/udp 9091/udp 9090/tcp 5222/udp 5060/udp 7777/udp 4569/udp 5060/tcp 9091/tcp 10000-20000/udp 7777/tcp 5222/tcp 5061/tcp 5038/tcp
[[email protected]]~#

If you have multiple IPv4 network interfaces, remember to activate IP forwarding:

[pastacode lang=”bash” message=”” highlight=”” provider=”manual” manual=”%5Broot%40openfire-cloud%5D~%23%20echo%20%22net.ipv4.ip_forward%3D1%22%20%3E%3E%20%2Fetc%2Fsysctl.conf%20%0A%5Broot%40openfire-cloud%5D~%23%20sysctl%20-p%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%C2%A0%20%0Anet.ipv4.ip_forward%20%3D%201%0A%5Broot%40openfire-cloud%5D~%23″/]

that's it. You should now have a working Openfire XMPP server. The next things to do include reading:

Configure mapping between Openfire XMPP users and Asterisk SIP users

How to integrate Openfire XMPP chat server with Asterisk PBX server