You can support us by downloading this article as PDF from the Link below. Download the guide as PDF

Openfire is a powerful instant messaging (IM) and chat server that uses XMPP/Jabber protocol. Openfire is a very popular Messaging (Chat) and Presence Server,It is the base for a range of products that use XMPP and as it says, it is Extensible, which means that its capabilities can be increased, especially with Plugins like Asterisk IM plugin and many more.

For Ubuntu 18.04 / Ubuntu 16.04, check: How to Install Openfire XMPP chat server on Ubuntu 18.04 / Ubuntu16.04

Openfire can be defined also as real-time collaboration (RTC) server that requires a client to use it, but heaps of clients that support the XMPP protocol are available. The most popular one delivered by same developers that designed openfire is the Spark.

XMPP( Extensible Messaging and Presence Protocol) is a widely adopted open protocol for instant messaging. It is a real-time communication protocol (which includes chat) based on XML.
Openfire provides cool features like:

  • MySQL,Oracle,PostgreSQL and embedded database support for user details and massages storage.
  • LDAP integration support
  • Support both TLS and SSL for security
  • Web GUI configuration manager
  • Spark IM client integration
  • A lot of plugins to extend its functionality
  • Clustering to avoid single point of failure
  • Integrating with other external IM servers

Installation of Openfire is pretty simple and we’ll cover it in this document. Since we’re using CentOS server, you’ll need installed and updated/upgraded CentOS server. If you have a fresh installation of CentOS, then this Top Things to do after fresh installation of CentOS 7 minimal can be helpful.

You can get a latest stable CentOS distribution from here: if you haven’t done it already.
Follow below steps to do the installation.

Step one: Update your system and upgrade it

# yum -y update
# yum -y upgrade 
# yum -y install wget
# cd /tmp/

Step Two: Download and Install all required Packages

You’ll need to install the following software packages

  • MariaDB: To manage database system
  • zlib and glibc libraries
  • Openfire

1. Install missing Libraries needed.

 [[email protected] ~]# yum -y install epel-release
 [[email protected] ~]# yum -y install glibc.i686
 [[email protected] ~]# yum -y install zlib.i686 libstdc++.i686

2. Download and install JDK ( Optional).

 [[email protected] ~]# mkdir -p /usr/src/openfire
 [[email protected] ~]# cd /usr/src/openfire
 [[email protected] ~]# curl -LO -H "Cookie: oraclelicense=accept-securebackup-cookie" ""
 [[email protected] ~]# rpm -Uvh jdk-8u71-linux-x64.rpm

Add the following lines to the end of /etc/profile file.

 [[email protected] ~]# vim /etc/profile

Then add the following to the end of the file.

export JAVA_HOME=/usr/java/default
export PATH=$PATH:$JAVA_HOME/bin
export CLASSPATH=.:$JAVA_HOME/jre/lib:$JAVA_HOME/lib:$JAVA_HOME/lib/tools.jar

Source the file /etc/profile.

 [[email protected] ~]# source /etc/profile

Your Java Environment should be successfully installed.

3. Install java connector for mysql

 [[email protected] ~]# yum install java libldb.i686 mysql-server mysql-connector-java

4. Download and install Openfire
Download Openfire package. You can get the latest version from the Download link.As of this writing, the latest version is Openfire 4.2.3. I will download it with wget.

# wget \
-O openfire-4.2.3.rpm

Let’s now install it:

# yum localinstall openfire-4.2.3.rpm

Configure PAM for Openfire

# cp -Rp /etc/pam.d/system-auth /etc/pam.d/openfire

Change the User running Openfire Daemon from daemon to root

# vim /etc/sysconfig/openfire

Start Openfire and make it start at boot

# systemctl start openfire.service
# chkconfig openfire on

Confirm that it’s running

# systemctl status openfire

Install and configure MariaDB database

 [[email protected] ~]# yum -y install mariadb-server mariadb
 [[email protected] ~]# systemctl start mariadb
 [[email protected] ~]# systemctl enable mariadb

Confirm that the database is running

[[email protected] ~]# systemctl status mariadb
mariadb.service - MariaDB database server
   Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled)
   Active: active (running) since Fri 2016-03-25 10:27:39 EAT; 1h 30min ago
 Main PID: 2127 (mysqld_safe)
   CGroup: /system.slice/mariadb.service
           ├─2127 /bin/sh /usr/bin/mysqld_safe --basedir=/usr
           └─2394 /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql...

Mar 25 10:27:35 openfire-cloud systemd[1]: Starting MariaDB database server...
Mar 25 10:27:36 openfire-cloud mysqld_safe[2127]: 160325 10:27:36 mysqld_safe...
Mar 25 10:27:36 openfire-cloud mysqld_safe[2127]: 160325 10:27:36 mysqld_safe...
Mar 25 10:27:39 openfire-cloud systemd[1]: Started MariaDB database server.
Hint: Some lines were ellipsized, use -l to show in full.
[[email protected] ~]#

Configure Database

 [[email protected] ~]# mysql_secure_installation

When asked for database password just press enter if you haven’t set it. Then set a root password and save changes.

 [[email protected] ~]# mysql -u root -p
MariaDB> create database openfire;
MariaDB> GRANT ALL PRIVILEGES ON openfire.* TO [email protected] IDENTIFIED BY 'openfire';
MariaDB> flush privileges; 
MariaDB> use openfire;
MariaDB> source /opt/openfire/resources/database/openfire_mysql.sql;
MariaDB> exit 

If you have firewalld firewall running, you’ll have to accept allow packets on TCP ports 9090 and 9091

firewall-cmd --zone=public --add-port=9090/udp --permanent
firewall-cmd --zone=public --add-port=9090/tcp --permanent 
firewall-cmd --zone=public --add-port=9091/udp --permanent
firewall-cmd --zone=public --add-port=9091/tcp --permanent

The reload Firewalld daemon

 [[email protected] ~]# firewall-cmd --reload

To access GUI, you’ll use Server’s ip address and the port 9090. First, install net-tools package to use ifconfig to check ip address of openfire server.

 [[email protected] ~]# yum -y install net-tools
 [[email protected] ~]# ifconfig

You can also use ip addr show command to get your ip address.

 [[email protected] ~]# ip addr show

To access Openfire web administration interface use;


Select your default language then click Continue. On Server setup, set your domain and click Continue button.

We’ll use the following Configuration Parameters.
Database Driver Presets:MySQL
JDBC Driver Class: com.mysql.jdbc.Driver
Database URL:jdbc:mysql://
Username: openfire
Password: openfire


Click Continue and use Default option on Profile Settings; you can select LDAP if you have LDAP server and users using the system in your network.

Then Proceed to set User email and admin user password. Then finish installation

On Login page enter admin as username and use the password you set in previous step.

திரைபிடிப்பு 2013-09-24 12_23_08

Now you should see Your server manager window.
That’s all. Next article will be about adding users and implementing simple communication network.

Additional information

Open Ports in your Firewall
If you are using iptables you may need to open ports used by openfire and Openfire client connection ports. These ports are 5222, 7777, 9090, 9091, both udp and tcp. Replace eth1 with your network interface card.
iptables -A INPUT -p tcp -i eth1 –dport 5222 -j ACCEPT
iptables -A INPUT -p udp -i eth1 –dport 5222 -j ACCEPT
iptables -A INPUT -p tcp -i eth1 –dport 7777 -j ACCEPT
iptables -A INPUT -p udp -i eth1 –dport 7777 -j ACCEPT
iptables -A INPUT -p tcp -i eth1 –dport 9090 -j ACCEPT
iptables -A INPUT -p udp -i eth1 –dport 9090 -j ACCEPT
iptables -A INPUT -p tcp -i eth1 –dport 9091 -j ACCEPT
iptables -A INPUT -p udp -i eth1 –dport 9091 -j ACCEPT

Now reload iptables to effect the changes made.

# iptables-restore < /etc/sysconfig/iptables

If you’re using firewalld instead, then below is a complete list of commands to run.

firewall-cmd --zone=public --add-port=9090/udp --permanent 
firewall-cmd --zone=public --add-port=9090/tcp --permanent
firewall-cmd --zone=public --add-port=5222/udp --permanent
firewall-cmd --zone=public --add-port=5222/tcp --permanent
firewall-cmd --zone=public --add-port=9091/udp --permanent
firewall-cmd --zone=public --add-port=9091/tcp --permanent
firewall-cmd --zone=public --add-port=7777/udp --permanent
firewall-cmd --zone=public --add-port=7777/tcp --permanent

Reload firewalld:

 [[email protected] ~]# firewall-cmd --reload

To get a list of ports we added to the public zone, run:

[[email protected]]~# firewall-cmd --list-ports   
9090/udp 5061/udp 9091/udp 9090/tcp 5222/udp 5060/udp 7777/udp 4569/udp 5060/tcp 9091/tcp 10000-20000/udp 7777/tcp 5222/tcp 5061/tcp 5038/tcp
[[email protected]]~#

Remember to activate ip forwarding if you have several ipv4 network interfaces:

[[email protected]]~# echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf 
[[email protected]]~# sysctl -p                                        
net.ipv4.ip_forward = 1
[[email protected]]~#

That’s all. You should now have a fully working Openfire XMPP server. The next things you can do include reading:

Configuring Mapping between Openfire XMPP users and Asterisk SIP users

How to Integrate Openfire XMPP Chat Server with Asterisk PBX server

You can support us by downloading this article as PDF from the Link below. Download the guide as PDF