Hello Simon,
Am 07.02.2017 um 10:12 schrieb Simon Josefsson:
> You need to provide more details for this to be a useful bug report.
> Your statements above can easily be disproved. I'm using
> 2.4.0-1~bpo8+1 and TLS works just as I want it to work, see for example:
>
> https://www.xmpp.net/result.php?domain=josefsson.org&type=server
> https://www.xmpp.net/result.php?domain=josefsson.org&type=client
I don't know what is tested there - but all i can test is
$ openssl s_client -connect chat.josefsson.org:5222 -starttls xmpp
CONNECTED(00000003)
There is no TLS connection established!
But when i test the same to my prosody server i get
...
---
SSL handshake has read 1946 bytes and written 627 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
...
This is an working TLS connection!
>
> All of my configurations are available here:
>
> https://gitlab.com/jas/sjd-cosmos/tree/master/chat.josefsson.org/overlay/etc/jabberd2
So at least you use
|<id password-change='mu' require-starttls='mu'
pemfile='/etc/jabberd2/server.pem'>josefsson.org</id> |
That's what i already tested.
> As far as I can tell, what you are looking for is help to configure
> jabberd2. To get help, you need to find someone to help you and you
> need to explain what you have tried and what happenes, and what you
> expect to happen.
I have written all this information in the linked bug reports.
There is nothing more that could be find out.
The developer doesn't support help or more information.
Sorry.
It's just a warning to users who want's to have a secure XMPP server.
Best regards
Karsten
