powered by Jive Software

Show TLS status for S2S connections

Is it possible to find out whether an S2S connection is TLS/SSL-encrypted in the web admin interface? I have set S2S TLS possible but not required so I don’'t know what server actually uses it.

That would be a neat feature…

I know that you can look in the logs and find the handshake on s2s, and check dialback and connection variables.

jeff

Hey guys,

Server-2-server connections that are secured in both ways will be shown with a yellow lock icon in the list session summary. If only one part is secured then you will see that info when you click on the session details. Each secured connection will show a lock icon.

Regards,

– Gato

Thanks for the info.

Well, has anybody ever seen that yellow lock with s2s connections already? Seems like the 16 servers mine talks to (incl. jabber.ru and gmail.com) don’'t support/use TLS.

Hey Pixel,

That is because most servers out there are still using the old connection method named Server Dialback[/i]. Even ejabberd that supports TLS for s2s has a bug that prevents secured connections to be negotiated. Not that by default Wildfire will not accept self signed certificates so the % of success is quite low.

Regards,

– Gato

I’‘m not familiar with the s2s part of XMPP. And I haven’‘t installed my own (self-signed) certificate yet, still using the one that came with it… Okay, so it’'ll take some time.