codema.in

xmpp service on port 443 and sslh complexity

Pirate Praveen

We started offering xmpp on port 443 to bypass stupid firewalls. But it added a complex piece of software, sslh, to the mix. With matrix service becoming popular and sslh configuration causing downtime, I suggest we stop providing xmpp on port 443 (it will still be available on ports 5222 and 5223). If someone figures out a way to proxy this using nginx, we can consider this again. This will help us to get rid of sslh.

Pirate Praveen Sun 1 Jul 2018 2:56PM

dig -t SRV _xmpp-client._tcp.poddery.com

; <<>> DiG 9.11.3-1-Debian <<>> -t SRV _xmpp-client._tcp.poddery.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13881
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;_xmpp-client._tcp.poddery.com. IN  SRV

;; ANSWER SECTION:
_xmpp-client._tcp.poddery.com. 86400 IN SRV 10 1 443 poddery.com.
_xmpp-client._tcp.poddery.com. 86400 IN SRV 20 1 5222 poddery.com.

;; AUTHORITY SECTION:
poddery.com.        10800   IN  NS  b.dns.gandi.net.
poddery.com.        10800   IN  NS  c.dns.gandi.net.
poddery.com.        10800   IN  NS  a.dns.gandi.net.

;; Query time: 211 msec
;; SERVER: 192.168.43.1#53(192.168.43.1)
;; WHEN: Sun Jul 01 20:24:28 IST 2018
;; MSG SIZE  rcvd: 181
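
Added example, not part of the thread and not poddery.com's configuration: one way nginx itself could split port 443 between HTTPS and XMPP without sslh, using the stream module's `ssl_preread` (needs nginx 1.15.2 or later built with `ngx_stream_ssl_preread_module`). The loopback backend addresses and the upstream names are assumptions; the 443 SRV record above is `_xmpp-client` (STARTTLS), so those clients open with plain XML rather than a TLS ClientHello.

```nginx
# Assumed layout: the existing HTTPS vhosts move from *:443 to 127.0.0.1:8443,
# and the XMPP server keeps listening on 5222 (STARTTLS) and 5223 (direct TLS).
stream {
    upstream https_web { server 127.0.0.1:8443; }   # assumed address
    upstream xmpp_c2s  { server 127.0.0.1:5222; }   # assumed address
    upstream xmpp_tls  { server 127.0.0.1:5223; }   # assumed address

    # $ssl_preread_protocol is empty when the first bytes are not a TLS
    # ClientHello, i.e. a plain XMPP stream header that will STARTTLS later.
    map $ssl_preread_protocol $by_protocol {
        ""      xmpp_c2s;
        default https_web;
    }

    # Direct-TLS XMPP clients (XEP-0368) advertise the ALPN id "xmpp-client";
    # everything else falls back to the TLS / non-TLS decision above.
    map $ssl_preread_alpn_protocols $backend {
        ~\bxmpp-client\b  xmpp_tls;
        default           $by_protocol;
    }

    server {
        listen 443;
        ssl_preread on;            # peek at the first bytes, do not terminate TLS
        proxy_pass $backend;       # TLS is still terminated by the backend
        proxy_connect_timeout 5s;
    }
}
```

With this layout the backends see connections from 127.0.0.1, so per-IP rate limits and logs on the web and XMPP servers lose the real client address unless PROXY protocol is enabled on both sides.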