powered by Jive Software

Failed ssl handshake with jabberd

Hi,

I have openfire version 3.7.1. One of my contact has jabberd and upgrade it from 1.4 to 1.6.1.1.

After this change servers can’t communicate with error (this is from log on jabberd side):

mio_tls.cc:1184 TLS handshake failed for fd #49: The Diffie-Hellman prime sent by the server is not acceptable (not long enough).

jabberd server sends diffie hellman with 1024bits, but our server accepts only 768bits for handshake. After that jabberd tried to connect with non-ssl, but it failed with error:

bouncing a packet to … from …: Failed to deliver stanza to other server while connected to other host: …: Connected

Is there any way to increase value for diffie hellman handshake? If my contact modify source code of jabberd (and accepts more than 512bits for handshake), communication works.

My configuration:

  • self signed certificate

  • optional server connection security

  • accept self signed certificates

Regards

Petr Jurasek