SSL23_WRITE:ssl handshake failure:s23_lib.c:177


3

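When trying to connect to an XMPP server over SSL, openssl fails with the following error: 3071833836:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177

I believe the server uses the RC4-MD5 cipher; here is the full output: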

[root@localhost ~]# openssl s_client -connect 184.106.52.124:5222 -cipher RC4-MD5
CONNECTED(00000003)
>>> SSL 2.0 [length 0032], CLIENT-HELLO
    01 03 03 00 09 00 00 00 20 00 00 04 01 00 80 00
    00 ff b0 c9 c2 3f 0b 0e 98 df b4 dc fe b7 e8 8f
    17 9a 34 b5 9b 17 1b 2b ac 01 dc bd 2b a9 2d 18
    44 0c
3071866604:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 52 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---

Using gnutls-cli:

[root@localhost ~]# gnutls-cli 184.106.52.124 -p 5222
Resolving '184.106.52.124'...
Connecting to '184.106.52.124:5222'...
*** Fatal error: A TLS packet with unexpected length was received.
*** Handshake has failed
GNUTLS ERROR: A TLS packet with unexpected length was received.

Connecting to the same server on port 5223 works fine.

Using OpenSSL 1.0.1e-fips on CentOS 6.5 and OpenSSL 1.0.1f on Ubuntu 14.04.1

Any hints on how to troubleshoot this? Thanks in advance.


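Why do you expect port 5222 to offer an "old-style" SSL/TLS connection? On port 5222, you have to use Jabber's STARTTLS implementation
Daniel B

My bad, the previous XEP is obsolete. This is the current state of affairs
Daniel B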

Answers:


0

From what you have posted so far, it sounds a bit like the process listening on port 5222 is not using SSL. As a diagnostic, perhaps try the answer found here:

https://serverfault.com/questions/37699/how-to-check-if-a-server-support-xmpp-protocol/37722#37722

Also, it looks like here: https://stackoverflow.com/questions/3452161/which-ports-does-xmpp-use, connections on port 5222 are usually not protected by SSL (see RFC 3920, Appendix D1).


This question isn't about SSH at all. It's about XMPP, a.k.a. Jabber.
Daniel B

Thanks, @Daniel. Rewritten to apply more accurately to the question.
Justin 2015
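
The plaintext STARTTLS exchange that port 5222 expects before any TLS ClientHello, which is the step the failing `s_client` and `gnutls-cli` runs above skipped. This is an added example, not code from the original posts; the function names are illustrative and the stanzas follow RFC 6120 section 5.

```python
import re
import socket
import ssl

# Function names below are illustrative, not taken from any XMPP library.
XMPP_TLS_NS = "urn:ietf:params:xml:ns:xmpp-tls"

def _read_until(sock, marker, limit=65536):
    """Read plaintext from sock until marker appears; fail on EOF or overflow."""
    buf = b""
    while marker not in buf:
        chunk = sock.recv(4096)
        if not chunk or len(buf) + len(chunk) > limit:
            raise ConnectionError("stream ended before %r was seen" % marker)
        buf += chunk
    return buf

def negotiate_starttls(sock, domain):
    """Run the plaintext part of XMPP STARTTLS.

    Returns True once the server answers <proceed/>; only then may the
    TLS handshake start on this socket. Returns False if STARTTLS is not
    advertised or the server answers <failure/>.
    """
    sock.sendall(("<stream:stream to='%s' version='1.0' xmlns='jabber:client' "
                  "xmlns:stream='http://etherx.jabber.org/streams'>" % domain).encode())
    features = _read_until(sock, b"</stream:features>").decode("utf-8", "replace")
    if not re.search(r"<starttls[^>]*" + re.escape(XMPP_TLS_NS), features):
        return False  # server does not offer STARTTLS on this port
    sock.sendall(("<starttls xmlns='%s'/>" % XMPP_TLS_NS).encode())
    reply = _read_until(sock, b">").decode("utf-8", "replace")
    return reply.lstrip().startswith("<proceed")

def connect_xmpp_tls(host, port, domain):
    """Connect, negotiate STARTTLS, then upgrade the same socket to TLS."""
    sock = socket.create_connection((host, port), timeout=10)
    if not negotiate_starttls(sock, domain):
        sock.close()
        raise ConnectionError("server refused or does not offer STARTTLS")
    ctx = ssl.create_default_context()  # verifies certificate chain and hostname
    return ctx.wrap_socket(sock, server_hostname=domain)
```

From the shell, `openssl s_client -starttls xmpp -connect host:5222` performs the same plaintext exchange before the handshake.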
Licensed under cc by-sa 3.0 with attribution required.