Because there are problems/bugs with ejabberd 13.x connecting to our transports we just replaced the certificate for our main virtual host jabber.hot-chilli.net. This host also does service our transports.
Until then we had used a certificate with the common name *.hot-chilli.net, now we have one with jabber.hot-chilli.net and *.jabber.hot-chilli.net common names which does not lead to the problem.
Some days ago we already replaced the *.hot-chilli.net due to the OpenSSL Heartbleed bug.