powered by Jive Software

Updated to Openfire 4.6.2 and S2S TLS problems arise

i updated my Server to Openfire 4.6.2 in March.
No problems so far.
But strangely i got S2S Problems only with jabber.ccc.de after some weeks.
Restarting the Openfire service didnt work but restarting the whole server did work.

Until today it worked fine but the problems are happening again.
Restarting the server doesnt do the trick anymore.

ServerOS: Debian 10.9
JVM: Debian – OpenJDK 64-Bit Server VM
Applikationsserver: jetty/9.4.35.v20201120

Here is the all.log with debug enabled and filtered for the stream with the ccc jabber server:
As file because the discussion board finds some links in the log and only up to two are allowed for new users.openfireS2S.txt (16,8 KB)

At first everything looks fine until the TLS is negotiated and then he receives some empty input.
After that Openfire tries dialbac, but doesnt use STARTTLS for this -> ccc jabber server doesnt like this and gives an error in xml format.
But Openfire ignores this?
It waits until the time out and closes the connection.

The other S2S connections have the same Problem, but they dont need STARTTLS on dialback therefore it works … unencrypted.

Has anyone a clue what is happening here?
Its strange that this happens from time to time.