When I go to Sessions - Server Sessions, most connections are not symmertrically encrypted: incoming connection has a padlock, but outgoing does not. (screen attached) My S2S security preferences are set to "optional", because in "Required" mode I can't talk to most of my contacts.
I thought it's a certificate problem on the remote servers - but these servers get a good grade in XMPP TLS test:
https://xmpp.net/result.php?domain=jabber.no&type=server
https://xmpp.net/result.php?domain=jabber.ccc.de&type=server
I've even disabled the certificate verification (xmpp.server.certificate.verify.root and xmpp.server.certificate.verify) and most outgoing connections still aren't using TLS.
Am I missing some setting?