s2s TLS in --hardened-mode

Simon Tennant
Added about 5 years ago

We've been having issues connecting from our Tigase instance to Prosody.

I am trying to resolve if it's something with our Tigase setup or a more general problem.

  • On Tigase we're running with --hardened-mode (domain is

  • On Prosody we're running with "s2s_require_encryption=true" and "s2s_secure_auth=true" (check the remote server's certificate is valid). This Prosody instance is currently federating with other non-Tigase servers but doesn't seem to negotiate s2s TLS with Tigase.

If someone has time, please try and add a jid ( or otherwise generate s2s traffic: I'd like to watch our logs and be curious see what your logs show.

If we can get this working, then I'd be very curious to see the working Tigase config and apply it to our Tigase instance.

Thanks everyone.

Replies (2)


Added by Artur Hefczyc TigaseTeam about 5 years ago

I have created task for this: #1729. Simon, what timezone are you in?

Added by Simon Tennant about 5 years ago

Hi Artur -

Had to check myself : )

Thu Feb 13 22:15:58 CET 2014