[ejabberd] S2S and starttls not working

Thomas Martin tmartincpp at gmail.com
Tue Nov 25 16:55:05 MSK 2014


2014-11-25 14:26 GMT+01:00 Stefan Strigler <stefan.strigler at gmail.com>:
> Yes, you're missing that you're denying s2s access for all except for
> jabber.mydomain(1|2). Note the difference between domainX and mydomainX.
>

Indeed, my bad, you are right!
Sorry about that, I changed real domains names to (my)domain* to make
the post more anonymous.

Please consider mydomain equivalent to domain.

Thanks.

Thomas

> 2014-11-25 13:23 GMT+01:00 Thomas Martin <tmartincpp at gmail.com>:
>>
>> Hi Stefan,
>>
>> 2014-11-25 12:49 GMT+01:00 Stefan Strigler <stefan.strigler at gmail.com>:
>> >
>> > 2014-11-25 12:18 GMT+01:00 Thomas Martin <tmartincpp at gmail.com>:
>> >>
>> >>
>> >> Configuration is the same on both sides (except for domain2 which is
>> >> replaced by domain1):
>> >> {s2s_default_policy, deny}.
>> >> {{s2s_host, "jabber.mydomain2"}, allow}.
>> >
>> >
>> > That should rather be jabber.domain2 instead, shouldn't it?
>> >
>> >>
>> >> {{s2s_host, "conference.jabber.mydomain2"}, allow}.
>> >
>> >
>> > Similar here.
>> >
>> >
>> > Regards, Stefan
>> >
>>
>> Sorry but I don't understand what you mean; I will try to explain:
>> - on jabber.domain1 I'm allowing jabber.domain2 to connect,
>> - on jabber.domain2 I'm allowing jabber.domain1 to connect.
>>
>> It works without TLS so I'm thinking that this configuration is actually
>> OK!?
>>
>> Am I missing something ?
>> _______________________________________________
>> ejabberd mailing list
>> ejabberd at jabber.ru
>> http://lists.jabber.ru/mailman/listinfo/ejabberd
>
>
>
> _______________________________________________
> ejabberd mailing list
> ejabberd at jabber.ru
> http://lists.jabber.ru/mailman/listinfo/ejabberd
>


More information about the ejabberd mailing list