XMPP Service Operators - 2017-02-18

  1. devnull

    ThibG: you have a self-signed certificate on your c2s port. s2s connections don't (to my knowledge; I might be wrong) necessarily require a "trusted" certificate, but c2s ones do, generally.

  2. devnull

    i have a self-signed (well, not quite, my own CA) certificate on my domain, and I've had to trust it explicitly (or add my CA certificate to the system store) every time I connect

  3. ThibG

    devnull: sure, but xmpp.net just returned Connection failed for both c2s and s2s

  4. ThibG

    cf. https://xmpp.net/result.php?domain=sitedethib.com&type=server

  5. ThibG

    I'm under the impression an untrusted cert shouldn't cause this and only affect the certificate score…

  6. ThibG

    Obviously, s2s works well enough for me to be able to write here, so I have really no idea about what's going on

  7. Link Mauve

    devnull, some servers do require a trusted s2s certificate too, and sometimes it’s impossible, for example I host several domains whose owner wouldn’t like me to be able to impersonate it in a browser, so for now they are unreachable by s2s from some servers with higher security parameters.