[ejabberd] S2S and starttls not working

Holger Weiß holger at zedat.fu-berlin.de
Tue Nov 25 17:09:27 MSK 2014

* Thomas Martin <tmartincpp at gmail.com> [2014-11-25 12:18]:
> If I set "s2s_use_starttls" to "true" the s2s connection don't work
> (no connection established).

Can you talk to other remote servers, or have you just tried this one?
Older ejabberd versions can stumble over certificates with incorrect
host names, for example.

> {s2s_default_policy, deny}.

Did you try it without this setting, just to make sure it's unrelated to
the policy configuration?

> I tried to use openssl to test this issue and I don't get any answers:
> $ openssl s_client -connect jabber.domain2:5269 -starttls xmpp

OpenSSL's s_client tool supports STARTTLS only for client-to-server
connections, not for server-to-server connections.

> Version used: 2.1.10 (using Debian's package).

If you'd like to try a newer version on Wheezy, you could use the
following inofficial repository:



More information about the ejabberd mailing list