Difference between revisions of "Securing XMPP"

Jump to navigation Jump to search

Securing XMPP (view source)

Revision as of 10:09, 29 October 2020

170 bytes added ,  10:09, 29 October 2020
Mention that server certificates should include SANs for subdomains.
m (→‎Metronome: Correct broken links)
(Mention that server certificates should include SANs for subdomains.)
Line 10: Line 10:


=== Step1: Get a server certificate===
=== Step1: Get a server certificate===
Let's say you run an XMPP service for <code>example.net</code> (jids of user@example.net), you will need to order a certificate for with a subject or alt-name of <code>example.net</code> (not <code>server.example.net</code>) from your preferred cert provider.
Let's say you run an XMPP service for <code>example.net</code> (jids of user@example.net), you will need to order a certificate for with a subject or alt-name of <code>example.net</code> (not <code>server.example.net</code>) from your preferred cert provider. The certificate should also include alt-names for subomains such as <code>conference.example.net</code>, at least for services that should be accessible to remote users.


=== Step 2: Disable cleartext connections ===
=== Step 2: Disable cleartext connections ===
Holger
43

edits

Retrieved from "https://wiki.xmpp.org/web/Special:MobileDiff/13200"

Navigation menu