Dear list, Here a quick heads up: DH groups with less than 2048 bits are rejected by OpenSSL as shipped with Debian stable. This poses interop issues for domains which do have such groups (e.g. jabber.org, jabber.ru).
Please check your service configuration for the DH group size.
I think the error can only be seen from within XMPP on the side with the
stricter settings ("dh key size too small"), while for the other side it
probably looks just like a timeout because the error happens before dialback
or anything can happen.
kind regards,
Jonas
signature.asc
Description: This is a digitally signed message part.
