[ejabberd] S2S Problems to some Openfire servers

Badlop badlop at gmail.com
Sat Jan 31 21:54:06 MSK 2009

2009/1/29 Nikolaus Polak <nik at np-edv.at>:
> Since a few days I have problems with s2s in both directions to some servers.
> I'm using ejabberd 2.0.3

I tried with ejabberd trunk SVN.

If I set
{s2s_use_starttls, false}.
all works.

If I set
{s2s_use_starttls, true}.
Then I experience exactly what you describe.

There is an interesting coincidence in the openfire version of the
servers that cannot be connected:

hapi.pl -- Openfire 3.3.1
ilportalinux.it -- Openfire 3.6.0

Do not work:
fritz-elfert.de -- Openfire 3.6.3
igniterealtime.org -- Openfire 3.6.3
im.relinked.org -- Openfire 3.6.3

Maybe something changed in Openfire between 3.6.0 and 3.6.3,
The only mention to s2s, TLS or encryption in that range in
is this:
Use server dialback over TLS when using self-signed certificates

There are two possibilities:
A) A problem in recent Openfire breaks his s2s STARTTLS
B) A problem in ejabberd s2s STARTTLS is visible now because recent
Openfire is more strict.


More information about the ejabberd mailing list