Expired certificate on pubsub.beta.kontalk.net

Since a few weeks I get a lot of errors from your pubsub node due to none or an expired certificate on your side.

Jul 03 17:10:52 s2sin564fb8faed10       warn    No certificate provided by pubsub.beta.kontalk.net
Jul 03 17:10:52 mod_s2s warn    Forbidding insecure connection to/from pubsub.beta.kontalk.net

Were there any changes to your pubsub node? If there never was any certificate for pubsub.beta.kontalk.net, could you deploy one or is there anything why you do not want a cert there?

Hello and welcome!
Our pubsub node is an internal node living in the server beta.kontalk.net. You can’t really access it directly through pubsub.beta.kontalk.net, that’s a non-existant hostname.

But maybe I understand what you mean. Probably your server can’t handle this use case. What XMPP server are you using?

I am using prosody in latest version (trunk). I am connecting to users on kontalk via normal xmpp, so maybe that is why there are pubsub connections?

Exactly, but Prosody shouldn’t connect directly to pubsub.beta.kontalk.net, it should instead go through beta.kontalk.net. You should look up something in Prosody for this, maybe a configuration entry or a bug - Openfire had I bug like this IIRC.