Open plinss opened 5 years ago
indeed. Do you happen to know if synapse correctly supports ECDSA ciphers on outbound federation connections?
Yes, I tested by turning off the RSA certificate for one of my servers and other servers were able to federate just fine
FWIW, if you need a server with both certificates to test against, feel free to use matrix.elemental.software
Some servers run both certificate types in parallel. If the server reports both RSA and ECDSA ciphers available, the tester should connect twice, once with only RSA ciphers enabled and once with only ECDSA ciphers enabled to retrieve and test both certificates.
Currently it only fetches a single certificate based on the first matching cipher.