Secure ejabberd: protocol options and ciphers setting has no effect

Question

I try to secure my ejabberd by configuring openssl ciphers like this for s2s communication:

{s2s_use_starttls, required}.
{s2s_certfile, "/etc/ejabberd/mycert.pem"}.
{s2s_protocol_options, ["no_sslv3", "no_sslv2"]}.
{s2s_ciphers, "HIGH" }.

However the test shows the server still serves RC4 and sslv3. Why do these settings not show any effect?

score 0 · Answer 1 · answered Feb 13 '16 at 09:34

0

This is not possible with ejabberd 2.1.11-1ubuntu2.1 amd64. See https://github.com/processone/ejabberd/issues/954

answered Feb 13 '16 at 09:34

funkenstrahlen

1 Answers1