[ejabberd] S2S Problems to some Openfire servers

Badlop badlop at gmail.com
Sat Jan 31 21:54:06 MSK 2009


2009/1/29 Nikolaus Polak <nik at np-edv.at>:
> Since a few days I have problems with s2s in both directions to some servers.
> I'm using ejabberd 2.0.3

I tried with ejabberd trunk SVN.

If I set
{s2s_use_starttls, false}.
all works.

If I set
{s2s_use_starttls, true}.
Then I experience exactly what you describe.

There is an interesting coincidence in the openfire version of the
servers that cannot be connected:

Work:
hapi.pl -- Openfire 3.3.1
ilportalinux.it -- Openfire 3.6.0

Do not work:
fritz-elfert.de -- Openfire 3.6.3
igniterealtime.org -- Openfire 3.6.3
im.relinked.org -- Openfire 3.6.3

Maybe something changed in Openfire between 3.6.0 and 3.6.3,
The only mention to s2s, TLS or encryption in that range in
http://www.igniterealtime.org/builds/openfire/docs/latest/changelog.html
is this:
Use server dialback over TLS when using self-signed certificates
http://www.igniterealtime.org/issues/browse/JM-1434

There are two possibilities:
A) A problem in recent Openfire breaks his s2s STARTTLS
B) A problem in ejabberd s2s STARTTLS is visible now because recent
Openfire is more strict.


---
Badlop,
ProcessOne


More information about the ejabberd mailing list