ejabberd - Comments for "secure only" https://www.ejabberd.im/node/4094 en Thanks for this. I had the https://www.ejabberd.im/node/4094#comment-58186 <p>Thanks for this. I had the exact same problem: I couldn't make the starttls to work with ejabberd-2.1.10 (downloaded from the <noindex><a href="http://www.process-one.net" title="http://www.process-one.net" rel="nofollow" >http://www.process-one.net</a></noindex> site) on a CentOS 5.5 machine.</p> <p>I made it work by symlinking the openssl libraries installed in the system to the lib/linux-x86/ dir of the ejabberd distribution. The system had libssl.so.0.9.8e and libcrypto.so.0.9.8e installed, but ejabberd had only libssl.so.0.9.7 and libcrypto.so.0.9.7 in lib/linux-x86/. Running <code>ejabberdctl live</code> I noticed that it was complaining about missing libssl.so.0.9.8 and libcrypto.so.0.9.8 libraries:</p> <div class="codeblock"><code>C(&lt;0.42.0&gt;:sha:53) : unable to load driver &#039;/opt/ejabberd-2.1.10/lib/ejabberd-2.1.10/priv/linux-x86/lib/sha_drv.so&#039;: libssl.so.0.9.8: cannot open shared object file: No such file or directory <p>C(&lt;0.42.0&gt;:sha:53) : unable to load driver &#039;/opt/ejabberd-2.1.10/lib/ejabberd-2.1.10/priv/linux-x86/lib/sha_drv.so&#039;: libcrypto.so.0.9.8: cannot open shared object file: No such file or directory</p></code></div> <p>So, after making the symlinks:</p> <div class="codeblock"><code>ln -s /lib/libssl.so.0.9.8e /opt/ejabberd-2.1.10/lib/linux-x86/libssl.so.0.9.8<br />ln -s /lib/libcrypto.so.0.9.8e /opt/ejabberd-2.1.10/lib/linux-x86/libcrypto.so.0.9.8</code></div> <p>starttls started working.</p> Wed, 04 Jan 2012 12:50:45 +0000 adrian.fita comment 58186 at https://www.ejabberd.im I've been thinking of the https://www.ejabberd.im/node/4094#comment-56875 <p>I've been thinking of the same thing ... so let me just make sure that I have this correct.</p> <p>If starttls and require_starttls is setup correctly, all communications (between servers and between client and server) is encrypted. Is that correct?</p> <p>I use Psi on windows and iChat on makes for a intranet only install of ejabberd. I know that I have encryption set in Psi. I don't have access to the machine right now but it is a CentOS machine. Once I get access to the box, I will post what versions I have for everything.</p> Sun, 12 Dec 2010 21:10:14 +0000 rhotech comment 56875 at https://www.ejabberd.im My openssl version; try to load tls_drv manually https://www.ejabberd.im/node/4094#comment-56654 <div class="quote-msg"> <div class="quote-author"><em>Toby</em> wrote:</div> <p>I downloaded the source, but the problem there of course is that I then need to install a bunch of other stuff - like an Erlang compiler - to have a go at compiling. I've spent about 15 man-hours so far trying to make this work. Figuring out how to compile Erlang is not on the menu. </p></div> <p>Compiling Erlang/OTP is the hardest part (it has several dependencies), and takes 1 hour to compile). If your distribution had some compatible Erlang packages, that would save you 95% of the work.</p> <p>Compiling ejabberd is later rather easy (it only requires erlang and a few more dependencies), and takes 1 minute to compile.</p> <div class="quote-msg"> <div class="quote-author"><em>Toby</em> wrote:</div> <p>So, last try - anyone out there who *does* have SSL/TLS working, what version of OpenSSL do you have installed? </p></div> <p>I've installed ejabberd 2.1.5 Linux 32bit installer (ejabberd-2.1.5-linux-x86-installer.bin) in my machine, all default configuration and files. Then I login with the typical TLS encryption + SASL auth.</p> <p>ejabberd.log:</p> <pre> =INFO REPORT==== 2010-09-24 17:01:04 === I(&lt;0.394.0&gt;:ejabberd_listener:232) : (#Port&lt;0.470&gt;) Accepted connection {{127,0,0,1},35424} -&gt; {{127,0,0,1},5222} =INFO REPORT==== 2010-09-24 17:01:05 === I(&lt;0.406.0&gt;:ejabberd_c2s:716) : ({socket_state,tls,{tlssock,#Port&lt;0.470&gt;,#Port&lt;0.475&gt;},&lt;0.405.0&gt;}) Accepted authentication for badlop by ejabberd_auth_internal =INFO REPORT==== 2010-09-24 17:01:05 === I(&lt;0.406.0&gt;:ejabberd_c2s:839) : ({socket_state,tls,{tlssock,#Port&lt;0.470&gt;,#Port&lt;0.475&gt;},&lt;0.405.0&gt;}) Opened session for badlop@localhost/tkabber </pre><p> System and library info:</p> <pre> $ uname -a Linux dolmin 2.6.32-1-686 #1 SMP Mon Feb 1 01:37:26 UTC 2010 i686 GNU/Linux $ openssl version OpenSSL 0.9.8o 01 Jun 2010 $ aptitude show libssl0.9.8 ... Version: 0.9.8o-2 $ cat /etc/apt/sources.list | grep "^deb" deb <noindex><a href="http://ftp.fr.debian.org/debian" title="http://ftp.fr.debian.org/debian" rel="nofollow" >http://ftp.fr.debian.org/debian</a></noindex> sid main contrib non-free </pre><p> Another idea is to try to load the library manually, using the same calls that ejabberd does, and trying different ways. I start ejabberd interactively, and then I make some calls:</p> <pre> $ ejabberdctl live ... (ejabberd@localhost)1&gt; Path = os:getenv("EJABBERD_SO_PATH"). "//lib/ejabberd/priv/lib" (ejabberd@localhost)2&gt; erl_ddll:load_driver(Path, tls_drv). ok (ejabberd@localhost)3&gt; erl_ddll:load_driver(Path, tls_drv). ok (ejabberd@localhost)4&gt; erl_ddll:load_driver("/tmp/123", tls_drv). {error,bad_driver_name} (ejabberd@localhost)5&gt; erl_ddll:load_driver("/lib/ejabberd/priv/lib", tls_drv). {error,bad_driver_name} (ejabberd@localhost)6&gt; erl_ddll:load_driver("//lib/ejabberd/priv/lib", tls_drv). ok (ejabberd@localhost)9&gt; erl_ddll:load_driver("////lib/ejabberd/priv/lib", tls_drv). {error,bad_driver_name} (ejabberd@localhost)11&gt; erl_ddll:load_driver("//lib/ejabberd/priv/", tls_drv). {error,bad_driver_name} (ejabberd@localhost)13&gt; erl_ddll:load_driver("//lib/ejabberd/priv/lib", expat_erl). ok (ejabberd@localhost)14&gt; erl_ddll:load_driver("//lib/ejabberd/priv/lib", xml). {error,no_driver_init} (ejabberd@localhost)15&gt; erl_ddll:load_driver("//lib/ejabberd/priv/lib", tls_drvaaaa). {error,{open_error,-10}} </pre><p> Let's hope this allows you to perform more fine-grained testing and detect what exactly is the problem.</p> Fri, 24 Sep 2010 15:28:00 +0000 mfoss comment 56654 at https://www.ejabberd.im Well, I'm about out. I've https://www.ejabberd.im/node/4094#comment-56648 <p>Well, I'm about out.</p> <p>I've updated to the latest OpenSSL for my platform.</p> <p>I've tried making a new server.pem, just in case it was that.</p> <p>Nothing changed.</p> <p>So - I have an error message, "-10", where I don't know actually what it means. The tls_drv.so file is present - removing it apparently gives "-10" as well. So maybe it's linked against a different OpenSSL version that I have installed. But there's no error information - so... on the guess that it might be an OpenSSL version problem, I spend time guessing which version I'm supposed to have?</p> <p>I can't make progress. There's no meaningful error information.</p> <p>I downloaded the source, but the problem there of course is that I then need to install a bunch of other stuff - like an Erlang compiler - to have a go at compiling. I've spent about 15 man-hours so far trying to make this work. Figuring out how to compile Erlang is not on the menu.</p> <p>So, last try - anyone out there who *does* have SSL/TLS working, what version of OpenSSL do you have installed?</p> Wed, 22 Sep 2010 21:40:58 +0000 Toby comment 56648 at https://www.ejabberd.im Oy vey - let us hope we do https://www.ejabberd.im/node/4094#comment-56643 <p>Oy vey - let us hope we do not see the same error code meaning all of "file not found", "incompatable architecture" and "wrong library version"!</p> Tue, 21 Sep 2010 18:49:06 +0000 Toby comment 56643 at https://www.ejabberd.im Re https://www.ejabberd.im/node/4094#comment-56640 <div class="quote-msg"><div class="quote-author"><em>Toby</em> wrote:</div> I'm using 2.1.15 on 32 bit Centos. Is anyone out there actually using encryption with 2.1.15? </div> You are the only person on this earth that have ejabberd 2.1.<b>15</b>. <div class="quote-msg"><div class="quote-author"><em>Toby</em> wrote:</div> Ejabberd works without encryption - but if I have any kind of encyption option active, I get {open_error,-10}. Elsewhere on the web, this was thought perhaps to be a problem finding tls_drv.so. This file is in the correct location (./lib/ejabberd-2.1.5/priv/linux-x86/lib/tls_drv.so) and has the correct permissions (installed as use ejabberd in its home directly). </div> TLS works for me. When I delete that file, I get the open_error -10 you both mentioned. If you use a precompiled *.so, maybe it was compiled for a different architecture, or for a different OpenSSL library. Tue, 21 Sep 2010 17:19:48 +0000 mfoss comment 56640 at https://www.ejabberd.im ditto https://www.ejabberd.im/node/4094#comment-56634 <p>This is *EXACTLY* my problem. I'm using 2.1.15 on 32 bit Centos.</p> <p>I've been trying for about twelve man-hours now to get ejabberd to work with encryption.</p> <p>Ejabberd works without encryption - but if I have any kind of encyption option active, I get {open_error,-10}.</p> <p>Elsewhere on the web, this was thought perhaps to be a problem finding tls_drv.so.</p> <p>This file is in the correct location (./lib/ejabberd-2.1.5/priv/linux-x86/lib/tls_drv.so) and has the correct permissions (installed as use ejabberd in its home directly).</p> <p>It is not apparent what is going wrong or why.</p> <p>I have tried setting LD_LIBRARY_PATH for user ejabberd (to be the absolute path to the tls_drv.so file); this does not fix the problem.</p> <p>Is anyone out there actually using encryption with 2.1.15?</p> Tue, 21 Sep 2010 10:33:05 +0000 Toby comment 56634 at https://www.ejabberd.im same request https://www.ejabberd.im/node/4094#comment-56633 <p>I also have the same request for the ejabberd server to allow only encrypted sessions. I have tried setting the ejabberd_c2s listener to starttls and starttls_required. Neither seem to allow starttls connection. My client is Psi. I have tried the Psi setting "Encrypt conection: When available" and with the value "always" with no luck.</p> <p>listener config:</p> <div class="codeblock"><code>{listen,<br /> [ <p>&nbsp; {5222, ejabberd_c2s, [<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {certfile, &quot;/opt/ejabberd-2.1.5/conf/server.pem&quot;}, starttls,<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {access, c2s},<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {shaper, c2s_shaper},<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {max_stanza_size, 65536}<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ]},</p></code></div> <p>connection log file output:</p> <div class="codeblock"><code>=INFO REPORT==== 2010-09-20 11:00:43 ===<br />I(&lt;0.381.0&gt;:ejabberd_listener:232) : (#Port&lt;0.482&gt;) Accepted connection {{xxx.xxx.xxx.xxx},1663} -&gt; {{192,168,250,35},5222} <p>=ERROR REPORT==== 2010-09-20 11:00:43 ===<br />** State machine &lt;0.410.0&gt; terminating<br />** Last event in was {xmlstreamelement,<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {xmlelement,&quot;starttls&quot;,<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [{&quot;xmlns&quot;,&quot;urn:ietf:params:xml:ns:xmpp-tls&quot;}],<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; []}}<br />** When State == wait_for_feature_request<br />**&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Data&nbsp; == {state,{socket_state,gen_tcp,#Port&lt;0.482&gt;,&lt;0.409.0&gt;},<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ejabberd_socket,#Ref&lt;0.0.0.10116&gt;,false,&quot;1329861660&quot;,<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {sasl_state,&quot;jabber&quot;,&quot;commsw2.example.com&quot;,[],<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; #Fun&lt;ejabberd_c2s.1.30334249&gt;,<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; #Fun&lt;ejabberd_c2s.2.32721014&gt;,<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; #Fun&lt;ejabberd_c2s.3.7052687&gt;,undefined,<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; undefined},<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; c2s,c2s_shaper,false,true,false,false,<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [verify_none,<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {certfile,&quot;/opt/ejabberd-2.1.5/conf/server.pem&quot;}],<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; false,undefined,[],&quot;commsw2.example.com&quot;,[],<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; undefined,<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {pres_t,0},<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {pres_f,0},<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {pres_a,0},<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {pres_i,0},<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; undefined,undefined,undefined,false,<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {userlist,none,[],false},<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; unknown,unknown,<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {{xxx.xxx.xxx.xxx},1663},<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &quot;en&quot;}<br />** Reason for termination =<br />** {{case_clause,{error,{open_error,-10}}},<br />&nbsp;&nbsp;&nbsp; [{tls,tcp_to_tls,2},<br />&nbsp;&nbsp;&nbsp;&nbsp; {ejabberd_socket,starttls,3},<br />&nbsp;&nbsp;&nbsp;&nbsp; {ejabberd_c2s,wait_for_feature_request,2},<br />&nbsp;&nbsp;&nbsp;&nbsp; {p1_fsm,handle_msg,10},<br />&nbsp;&nbsp;&nbsp;&nbsp; {proc_lib,init_p,5}]}</p></code></div> Mon, 20 Sep 2010 21:07:01 +0000 jkmeinde comment 56633 at https://www.ejabberd.im nasht00 wrote: I am new to https://www.ejabberd.im/node/4094#comment-56018 <div class="quote-msg"> <div class="quote-author"><em>nasht00</em> wrote:</div> <p>I am new to the whole jabber thing.<br /> I've managed to get ejabberd setup, running and all that, all seems to work fine.<br /> Now I've been recommended to make it so that all communications are secured, using TLS or whatever.</p> <p>What's the best way to go about that?</p></div> <p>Edit ejabberd.cfg, and make sure the listener ejabberd_c2s has the option starttls or starttls_required</p> <p>In the clients, enable encryption (sometimes called TLS, or STARTTLS).</p> Mon, 07 Jun 2010 10:32:02 +0000 mfoss comment 56018 at https://www.ejabberd.im