Dear support,
On *nix systems “openssl s_client” is a nice tool to check SSL capabilities of a service.
Unfortunately, if I try to connect to openfires s2s port, this fails.
**# **openssl s_client -connect localhost:5269 -starttls xmpp
CONNECTED(00000003)
[…]
This usually works fine with other XMPP server software. If I debug this connection (openssl -debug) I extracted the following XML communication (already formatted to something readable):
CONNECTED(00000003)
write to 0x20bd2e0 [0x7ffc94b61aa0] (114 bytes => 114 (0x72))
<stream:stream xmlns:stream=‘http://etherx.jabber.org/streams’ xmlns=‘jabber:client’ to=‘localhost’ version=‘1.0’>
read from 0x20bd2e0 [0x1ff3e10] (8192 bytes => 330 (0x14A))
<?xml version='1.0' encoding='UTF-8'?><stream:stream from=“jabber.example.org” id=“9u1BV” xmlns=“jabber:client” xmlns:stream=“http://etherx.jabber.org/streams” version=“1.0”>
<stream:error xmlns:stream="http://etherx.jabber.org/streams">
<host-unknown xmlns="urn:ietf:params:xml:ns:xmpp-streams"/>
</stream:error>
</stream:stream>
openfire thinks the probing server is an unknown host?
Btw.: “openssl s_client” works fine with the c2s port 6222.
I run openfire 3.10.2 on CentOS 7.1 with java 1.8.0_45. openssl is version 1.0.1e.
So long,