On *nix systems “openssl s_client” is a nice tool to check SSL capabilities of a service.
Unfortunately, if I try to connect to openfires s2s port, this fails.
**# **openssl s_client -connect localhost:5269 -starttls xmpp
This usually works fine with other XMPP server software. If I debug this connection (openssl -debug) I extracted the following XML communication (already formatted to something readable):
write to 0x20bd2e0 [0x7ffc94b61aa0] (114 bytes => 114 (0x72))
<stream:stream xmlns:stream=‘http://etherx.jabber.org/streams’ xmlns=‘jabber:client’ to=‘localhost’ version=‘1.0’>
read from 0x20bd2e0 [0x1ff3e10] (8192 bytes => 330 (0x14A))<?xml version='1.0' encoding='UTF-8'?>
<stream:error xmlns:stream="http://etherx.jabber.org/streams"> <host-unknown xmlns="urn:ietf:params:xml:ns:xmpp-streams"/> </stream:error>
openfire thinks the probing server is an unknown host?
Btw.: “openssl s_client” works fine with the c2s port 6222.
I run openfire 3.10.2 on CentOS 7.1 with java 1.8.0_45. openssl is version 1.0.1e.