On Mon, Oct 13, 2008 at 10:21 PM, Peter Saint-Andre <[EMAIL PROTECTED]>wrote:
> Norman Rasmussen wrote: > > I'm currently having issues connecting to jabber.co.za > > <http://jabber.co.za> from darkskies.za.net <http://darkskies.za.net> > > using TLS. It seems that the TLS negotiation fails, and jabberd2 > > doesn't fall back to non-TLS in that case. > > > > Can anyone else confirm this? > > I haven't been able to confirm this. Do you run jabberd2? Do you know > what software runs at jabber.co.za? I think it's ejabberd. > > The output of 'openssl s_client -connect your.server.tld:5223' reveals > that jabber.co.za has a cert from Thawte. Does anyone know what root > cert to use for verification? It seems that thawte-roots.zip has lots of > certs in it. :/ > Sorry, I forgot to mention that this is via s2s only. I can connect via s_client on 5223 okay. There's no easy way to check via 5222 or 5269 is there? (openssl doesn't seem to have a xmpp-client or xmpp-server starttls option - although I know there's a patch somewhere, it's not yet applied in my debian copy) -- - Norman Rasmussen - Email: [EMAIL PROTECTED] - Home page: http://norman.rasmussen.co.za/
