Re: jabberd2 encryption HOWTO

2013-11-04 Thread Justin T Pryzby
On Mon, Nov 04, 2013 at 02:41:16PM -0800, Peter Saint-Andre wrote:
> Would someone in the jabberd2 community consider writing a brief howto
> about configuring jabberd2 so that it allows only encrypted
> connections? Someone at the IETF meeting asked me about it just now
> and I didn't have any pointers for him.

If you mean in C2S: <id require-starttls='1'>.

You can also set <ssl-port>5223</ssl-port>, which will naturally
reject anything that's not valid SSL (different from xmpp+starttls).

Justin




Re: jabberd2 encryption HOWTO

2013-11-04 Thread Sergio Durigan Junior
On Monday, November 04 2013, Justin T. Pryzby wrote:

> If you mean in C2S: <id require-starttls='1'>.
>
> You can also set <ssl-port>5223</ssl-port>, which will naturally
> reject anything that's not valid SSL (different from xmpp+starttls).

Also, if you want to allow *only* encrypted connections between
server-to-server, you will want to look at your s2s.xml, and uncomment
<require_tls/>:

  <security>
    <!-- Require TLS secured S2S connections -->
    <!--
      <require_tls/>
    -->

Don't forget to uncomment the <pemfile>...</pemfile> tags as well.

-- 
Sergio
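
An added example, not part of the original thread or of jabberd2 itself: a small audit of c2s.xml and s2s.xml for the settings named in the two messages above, catching the case where require_tls or pemfile is still inside an XML comment. The sample configs are constructed, and the element nesting (local/id in c2s.xml, a top-level component id) and the set of "off" attribute values are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed samples, not taken from the thread; nesting is an assumed layout.
C2S_SAMPLE = """<c2s>
  <id>c2s</id>
  <local>
    <id require-starttls='1'>example.org</id>
    <id>legacy.example.org</id>
    <ssl-port>5223</ssl-port>
  </local>
</c2s>"""

S2S_SAMPLE = """<s2s>
  <local>
    <!--
    <pemfile>/path/to/server.pem</pemfile>
    -->
  </local>
  <security>
    <!-- Require TLS secured S2S connections -->
    <!--
    <require_tls/>
    -->
  </security>
</s2s>"""

OFF = {"", "0", "false"}  # assumption: values that leave the setting disabled

def audit_c2s(xml_text):
    """Return the served hosts (local/id) that do not require STARTTLS."""
    root = ET.fromstring(xml_text)
    return [(e.text or "").strip() for e in root.iterfind("local/id")
            if e.get("require-starttls", "").strip().lower() in OFF]

def audit_s2s(xml_text):
    """Return findings for s2s.xml. ElementTree discards comments while
    parsing, so a commented-out element is simply absent from the tree."""
    root = ET.fromstring(xml_text)
    findings = []
    sec = root.find(".//security")
    if sec is None or sec.find("require_tls") is None:
        findings.append("require_tls missing or still commented out")
    if not any((p.text or "").strip() for p in root.iter("pemfile")):
        findings.append("no active pemfile element")
    return findings

if __name__ == "__main__":
    print("c2s hosts without require-starttls:", audit_c2s(C2S_SAMPLE))
    print("s2s findings:", audit_s2s(S2S_SAMPLE))
```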




Re: jabberd2 encryption HOWTO

2013-11-04 Thread Peter Saint-Andre
On 11/4/13 3:18 PM, Sergio Durigan Junior wrote:
> On Monday, November 04 2013, Justin T. Pryzby wrote:
>
>> If you mean in C2S: <id require-starttls='1'>.
>>
>> You can also set <ssl-port>5223</ssl-port>, which will naturally
>> reject anything that's not valid SSL (different from
>> xmpp+starttls).
>
> Also, if you want to allow *only* encrypted connections between
> server-to-server, you will want to look at your s2s.xml, and
> uncomment <require_tls/>:
>
> <security> <!-- Require TLS secured S2S connections --> <!--
> <require_tls/> -->
>
> Don't forget to uncomment the <pemfile>...</pemfile> tags as well.

Thanks. I've passed this along to my colleague at the IETF.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/

