I have my own XMPP-server running ejabberd with federation enabled. But when trying to add a contact using gmail to the roster, it failed and I got the following message in the log.
2015-04-30 13:34:35.086 [info] <0.2063.0>@ejabberd_s2s_out:wait_for_validation:450 Closing s2s connection: lden.org -> gmail.com (invalid dialback key)
After some searching on the web it turns out google does not support TLS when fedrating. Since I had configured ejabberd to require TLS, even with a self-signed certificate this did not work.
To get around this I had to change
s2s_use_starttls from ‘required’ to ‘optional’. The caveat with this is you now allow servers to speak unencrypted between each other. I would prefer if this was not allowed, so I have yet to decide if I leave this as optional or change it back to required and survive without being able to federate with google.