edit: ok found it … i think there is a “problem” with default setup when you install it on your domain.
It creates ssl certificates for *.domain.tld but not for domain.tld … so if you just use your domain name domain.tld as server name you will get into trouble.
I always get the following result:
<stream:stream to=“domain.com” xmlns=“jabber:client” xmlns:stream=“http://etherx.jabber.org/streams” xml:lang=“en” version=“1.0” />
<stream:features>
<starttls xmlns=“urn:ietf:params:xml:ns:xmpp-tls” />
<mechanisms xmlns=“urn:ietf:params:xml:ns:xmpp-sasl”>
<mechanism>
PLAIN
</mechanism>
</mechanisms>
<register xmlns=“http://jabber.org/features/iq-register” />
</stream:features>
<auth xmlns=“urn:ietf:params:xml:ns:xmpp-sasl” mechanism=“PLAIN”>
dGVzdEBjcmFucHJvZC5jb20AdGVzdAB0ZXN0
</auth>
<failure xmlns=“urn:ietf:params:xml:ns:xmpp-sasl”>
<bad-auth />
</failure>
I guess it’s because of the missing certificate