Issue in connecting to StartTLS configured XMPP Server

Question

I have configured ejabberd server for StartTLS with CA certificates . Below is the configuration:

{5222, ejabberd_c2s, [

            {access, c2s}, 
            {shaper, c2s_shaper},
                    starttls_required,
                    {certfile, "/etc/ejabberd/conf/ejabberd.pem"},
                    {max_stanza_size, 65536}
           ]},

My XMPP Client has been developed in java using Smack library. I want my XMPP client to work with the server only if the certificate is valid. But I am not able to do it. Below is my XMPP client code

ConnectionConfiguration config = new ConnectionConfiguration(host, port, serviceName);
config.setSASLAuthenticationEnabled(true);
config.setSecurityMode(ConnectionConfiguration.SecurityMode.enabled);
config.setCompressionEnabled(true); 
config.setTruststorePath(trustStorePath);
config.setTruststorePassword(trustStorePwd);
config.setExpiredCertificatesCheckEnabled(true);
config.setNotMatchingDomainCheckEnabled(true);
config.setVerifyChainEnabled(true);

Even if I provide a dummy certificate in the truststore it is successfully making connection.

Have I missed something?

Answer 1

Try

config.setVerifyRootCAEnabled(true);