freebsd 10.2 jabberd2 version(2.3.6) I followed these instructions: https://github.com/jabberd2/jabberd2/wiki/InstallGuide-OpenSSLConfiguration other than renaming server.pem to jabber.pem since I had originally put that in the XML files.
In the c2s.xml <id realm="MYDOMAIN.ORG" verify-mode='0' pemfile="/usr/local/etc/jabberd/jabber.pem" ciphers='ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS' require-starttls='yes' >MYDOMAIN>ORG</id> Pulling some lines out of the debug with the usual sanitation to keep out of the search engines: ---------------------------------------------------- C2S : Tue May 3 08:54:56 2016 authreg.c:80 preloaded module 'mysql' (not initialized yet) SM : sx (ssl.c:992) Restricting TLS ciphers to !aNULL:!eNULL:!EXP:ALL:!EXPORT:!aNULL:!eNULL:!SSLv2 SM : sx (ssl.c:1021) No CA chain specified. Loading SSL default CA certs: /etc/ssl/certs SM : sx (ssl.c:405) secure channel not established, handshake in progress SM : sx (ssl.c:59) verify error:num=18:self signed certificate:depth=0:/C=US/ST=state/L=city/O=none/OU=none /CN=mydomain.org/emailAddress=webmas...@mydomain.org ---------------------------------------------------- How exactly do I specify the cachain for a self signed cert. I get openssl error 18 meaning it can't be verified. Setting verify-mode='0' didn't help.
