[ejabberd] ubuntu cripto

Randy Bush randy at psg.com
Mon Apr 18 06:57:48 MSK 2016


>     port: 5222
>     ip: "::"
>     module: ejabberd_c2s
>     certfile: "/etc/ejabberd/ejabberd.pem"
>     starttls_required: true
>     starttls: true
>     ciphers: "HIGH:!3DES:!aNULL:!SSLv2:@STRENGTH"
>     protocol_options:
>       - "no_sslv2"
>       - "no_sslv3"
>     max_stanza_size: 65536
>     shaper: c2s_shaper
>     access: c2s
>     resend_on_timeout: if_offline

if i add
   tls: true
ejabberd logs the following

2016-04-18 03:54:56.549 [error] <0.485.0>@ejabberd_receiver:handle_info:248 TLS error = SSL_do_handshake failed: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol

i feel as if i am starting to throw <bleep> at the wall to see what will
stick.  time to stop, wait a bit for someone to hit me with a clue bat,
and revert to old backup if not.

randy


More information about the ejabberd mailing list