[jadmin] s2s encrypted connection

Sergio Gorelyshev cto at postlance.ru
Mon Apr 28 09:22:14 CDT 2008 

The problem is solved. The reason is really in google - their servers  
are configured to non-encrypted interserver connections :( I've tested  
out connection with amessage.info and it works fine:

20080428T14:17:00: [notice] (amessage.info): Certificate 0 has expired  
(C=DE,ST=Bayern,L=MxC3xBCnchen,O=amessage Matthias Wimmer,OU=Domain  
validated only,CN=amessage.info,EMAIL=mail at amessage.eu)
20080428T14:17:00: [notice] (s2s): connected to amessage.info  
(encrypted: 256 b (TLS 1.1/DHE_DSS_AES_256_CBC_SHA1), X.509 cert is  
invalid, auth=sasl, stream=XMPP1.0, compression=NULL)
20080428T14:17:03: [notice] (amessage.info): Certificate 0 has expired  
(C=DE,ST=Bayern,L=MxC3xBCnchen,O=amessage Matthias Wimmer,OU=Domain  
validated only,CN=amessage.info,EMAIL=mail at amessage.eu)
20080428T14:17:04: [notice] (amessage.info): Certificate 0 has expired  
(C=DE,ST=Bayern,L=MxC3xBCnchen,O=amessage Matthias Wimmer,OU=Domain  
validated only,CN=amessage.info,EMAIL=mail at amessage.eu)
20080428T14:17:04: [notice] (s2s): connection from amessage.info  
(encrypted: 256 b (TLS 1.1/RSA_AES_256_CBC_SHA1), X.509 cert is  
invalid, auth=db, stream=XMPP1.0, compression=NULL)

I'll try to ask google support about their strategy in this direction  
but i think it is hopeless :-/

Thanks.

28.04.2008, в 17:00, ml-jabber at micressor.ch wrote:

> Hi
>
> Am Mo, 28.04.2008, 15:53, schrieb Sergio Gorelyshev:
>> I suppose the [warn] messages appeared because of version of  
>> libgnutls
>> (my version is 1.4.4-3)
>
> Warning is ok.
>
>> Server is running in debug mode and i have all information in it but
>> it is very hard to understand the reason of "unencrypted" connection
>> to gmail.com. Is there is a public jabber server with support of
>> encrypted connection with other server to test with?
>
> I think gmail.com never supported tls/ssl connections on their s2s?
> The jabber-servers jabber.org, amessage.info, jabber.ccc.de
> and swissjabber.ch for example supports tls/ssl.
>
> cu /m
> ------------------------------------------------------------------
>  mail/jabber: micressor at swissjabber.ch        PGP key available
> ------------------------------------------------------------------
>
> _______________________________________________
> JAdmin mailing list
> JAdmin at jabber.org
> http://mail.jabber.org/mailman/listinfo/jadmin
> FAQ: http://www.jabber.org/about/jadminfaq.shtml
> _______________________________________________

-----------------------------------------------
PostLance.Ru
B2B Платформа Нетривиальной Рекламы
Скрытый Маркетинг Во Всех Проявлениях

More information about the JAdmin mailing list