Unfortunately not. There are a certain number of approved CA's which wave will recognise (this is a feature of the JVM that wave runs in I believe), which means that for federation, both servers need to be able to verify the CA as approved.
James On Mon, Oct 18, 2010 at 11:16 PM, Vega <[email protected]> wrote: > Is it possible to create your own CA and sign with it? > > On Oct 18, 1:51 am, Soren Lassen <[email protected]> wrote: >> Thanks, that's very helpful. >> >> I believe the XMPP certificate needs to be "wave.domain.com" (not >> "mail.domain.com" or "www.domain.com"). >> >> Moreover, Anthony tells me that there are these additional steps to >> post-process the key you get from the CA (StartCom in his case): >> >> " >> remove the passphrase with >> openssl rsa -in ssl.key -out ssl.key2 >> then convert it to a different format with >> openssl pkcs8 -topk8 -nocrypt -in ssl.key2 -out initech-corp.com.key >> " >> >> Soren >> >> >> >> On Sun, Oct 17, 2010 at 1:51 PM, Vega <[email protected]> wrote: >> > I could generate certificates for federation from StartSSL following >> > instructions >> > athttp://www.curtis-lamasters.com/2008/07/30/apache2-on-ubuntu-openssl-... >> > I also put them here: >> > ----------------------------------------------------------- >> > Now lets create the server SSL key. >> >> > openssl genrsa -des3 -out example.com.key 2048 >> >> > Ok, now that we have the key, let’s create the CSR to be given to the >> > CA. >> >> > openssl req -new -key dns.server.com.key -out example.com.csr >> >> > It will prompt you for the passphrase and some other bits of >> > information. The most important one is site name. This must match >> > the name of your server. Something like mail.domain.com orwww.domain.com >> > would be appropriate here.The CSR can now be uploaded to whatever CA >> > you choose. >> > ---------------------------------------------------------------- >> >> > On Oct 14, 8:26 am, Soren Lassen <[email protected]> wrote: >> >> Sorry for the slow response. The certs for our acmewave.com instance >> >> had expired and it took us a while to fix (the instructions >> >> athttp://www.waveprotocol.org/federation/certificatesarehorribly >> >> broken and misleading, can someone who understands this stuff please >> >> help fix them?) so we couldn't test it ourselves till now. >> >> >> I discovered one silly bug in RemoteWaveletContainerImpl which >> >> prevented initiating contact from wavesandbox.com. The bug was fixed >> >> just now >> >> in:http://code.google.com/p/wave-protocol/source/detail?r=5276114aa6 >> >> >> With this fix I was able to successfully add acmewave.com >> >> participants, including [email protected]. Unfortunately, echoey >> >> only runs for a short while (a few minutes?) until it disconnects, as >> >> reported in issue >> >> 110:http://code.google.com/p/wave-protocol/issues/detail?id=110 >> >> >> We need a fix for that... >> >> >> Soren >> >> >> On Tue, Oct 5, 2010 at 2:28 PM, James Purser <[email protected]> >> >> wrote: >> >> > I've got collaborynth.com.au up and running but I have no idea if it's >> >> > federating properly. >> >> >> > I have [email protected] running though I'm noticing issues >> >> > with echoey and updating the web client. >> >> >> > James >> >> >> > On Tue, Oct 5, 2010 at 1:27 PM, Matt Richards <[email protected]> >> >> > wrote: >> >> >> While I've been testing Federation with sandbox, I am still getting >> >> >> some >> >> >> strange results. Is there another, more updated perhaps, server I can >> >> >> test >> >> >> with? Is there somebody I could collaborate with in real time, while >> >> >> testing? Just want to make sure it not something on my end that is >> >> >> causing >> >> >> my issues with wavesandbox.com >> >> >> Thanks >> >> >> -- >> >> >> --Matt >> >> >> >> -- >> >> >> You received this message because you are subscribed to the Google >> >> >> Groups >> >> >> "Wave Protocol" group. >> >> >> To post to this group, send email to [email protected]. >> >> >> To unsubscribe from this group, send email to >> >> >> [email protected]. >> >> >> For more options, visit this group at >> >> >>http://groups.google.com/group/wave-protocol?hl=en. >> >> >> > -- >> >> > You received this message because you are subscribed to the Google >> >> > Groups "Wave Protocol" group. >> >> > To post to this group, send email to [email protected]. >> >> > To unsubscribe from this group, send email to >> >> > [email protected]. >> >> > For more options, visit this group >> >> > athttp://groups.google.com/group/wave-protocol?hl=en. >> >> > -- >> > You received this message because you are subscribed to the Google Groups >> > "Wave Protocol" group. >> > To post to this group, send email to [email protected]. >> > To unsubscribe from this group, send email to >> > [email protected]. >> > For more options, visit this group >> > athttp://groups.google.com/group/wave-protocol?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Wave Protocol" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/wave-protocol?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Wave Protocol" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/wave-protocol?hl=en.
