Outgoing s2s not encrypted

When I go to Sessions - Server Sessions, most connections are not symmertrically encrypted: incoming connection has a padlock, but outgoing does not. (screen attached) My S2S security preferences are set to “optional”, because in “Required” mode I can’t talk to most of my contacts.

I thought it’s a certificate problem on the remote servers - but these servers get a good grade in XMPP TLS test:

https://xmpp.net/result.php?domain=jabber.no&type=server

https://xmpp.net/result.php?domain=jabber.ccc.de&type=server

I’ve even disabled the certificate verification (xmpp.server.certificate.verify.root and xmpp.server.certificate.verify) and most outgoing connections still aren’t using TLS.

Am I missing some setting?

Hi,

please look into:

And:

In short words: jabber.ccc.de is using ejabberd and it doesn’t offer any method of domain authorization. The specification is unclear at this point how to handle this (close or dialback is possible). OF at the current point closes the connection.

Best regards,

Sven

Awesome! I just applied that patch and almost all connections are encrypted in both ways. Thank you.