Google Product Forums

How to enable XMPP Server to Server (S2S) TLS encryption


Najihel Apr 6, 2012 5:29 AM
Posted in group: Google Apps

Categories: Google Contacts :

Hello,

I have a issue with GTalk for my GoogleApps domain.

When i try to talk with people hosted on an external domain, who using TLS encryption for S2S's exchanges, their servers refuse these connections because, apparently, TLS isn't enable on GoogleApps for S2S connections.

Have you got an idea ?

Thanks in advance

PS : Here are some logs which come from a server of a person with whom I'm discussing.

Apr 06 13:19:00 s2souta0da5d0 info Connection failed (Encrypted server-to-server communication is required but was not offered). Attempt #2: This time to alt4.xmpp-server.l.google.com.:5269
Apr 06 13:19:00 s2souta0da5d0 info Beginning new connection attempt to gmail.com (74.125.71.125:5269)
Apr 06 13:19:00 s2souta0da5d0 info outgoing s2s connection ikol.fr->gmail.com complete
Apr 06 13:19:01 s2souta0da5d0 info sent dialback key on outgoing s2s stream
Apr 06 13:19:01 s2sina0f3dd0 info Incoming s2s connection
Apr 06 13:19:02 s2sina0f3dd0 info Disconnecting (unknown host)[s2sin_unauthed], <stream:error> is: <stream:error><policy-violation xmlns='urn:ietf:params:xml:ns:xmpp-streams'/><text xmlns='urn:ietf:params:xml:ns:xmpp-streams'>Encrypted server-to-server communication is required but was not used</text></stream:error>
Apr 06 13:19:02 s2sina0f3dd0 info s2s disconnected: gmail.com->ikol.fr (Encrypted server-to-server communication is required but was not used)
Apr 06 13:19:02 s2sina0f3dd0 info Destroying incoming session gmail.com->ikol.fr
Apr 06 13:19:02 ikol.fr:dialback warn Incoming s2s session 0xa08e670 was closed in the meantime, so we can't notify it of the db result
Apr 06 13:19:02 s2souta0da5d0 info Disconnecting ikol.fr[s2sout], <stream:error> is: <stream:error><policy-violation xmlns='urn:ietf:params:xml:ns:xmpp-streams'/><text xmlns='urn:ietf:params:xml:ns:xmpp-streams'>Encrypted server-to-server communication is required but was not offered</text></stream:error>
Apr 06 13:19:02 s2souta0da5d0 info s2s disconnected: ikol.fr->gmail.com (Encrypted server-to-server communication is required but was not offered)
Apr 06 13:19:02 s2souta0da5d0 info Destroying outgoing session ikol.fr->gmail.com