Assertion failed

april 30, 2015

XMPP-federation with google

I have my own XMPP-server running ejabberd with federation enabled. But when trying to add a contact using gmail to the roster, it failed and I got the following message in the log.

2015-04-30 13:34:35.086 [info] <0.2063.0>@ejabberd_s2s_out:wait_for_validation:450 Closing s2s connection: lden.org -> gmail.com (invalid dialback key)

After some searching on the web it turns out google does not support TLS when fedrating. Since I had configured ejabberd to require TLS, even with a self-signed certificate this did not work.

To get around this I had to change s2s_use_starttls from ‘required’ to ‘optional’. The caveat with this is you now allow servers to speak unencrypted between each other. I would prefer if this was not allowed, so I have yet to decide if I leave this as optional or change it back to required and survive without being able to federate with google.