[ejabberd] TLS force security on all client connections

Augustine Ike augustineike at gmail.com
Fri Jan 15 17:08:50 MSK 2010


Sure, edit /etc/ejabberd/ejabberd.cfg
in The "LISTENING PORTS SECTION"
---------------------------------------------------------------------------------------------
  {5222, ejabberd_c2s, [
                        %%
                        %% If TLS is compiled and you installed a SSL
                        %% certificate, put the correct path to the
                        %% file and uncomment this line:
                        %%
                        {access, c2s},
                        {shaper, c2s_shaper},
                        starttls,
                        starttls_required,
                        {certfile, "/etc/ejabberd/ejabberd.pem"},
                        {max_stanza_size, 65536}
                       ]},

  %%
  %% To enable legacy SSL connection:
  %%
  {5223, ejabberd_c2s, [
                        {access, c2s},
                        {shaper, c2s_shaper},
                        tls, {certfile, "/etc/ejabberd/ejabberd.pem"},
                        {max_stanza_size, 65536}
                       ]},
---------------------------------------------------------------------------------------------------------
Make sure that the clients are configured for this too.
NOTE: I observed that pidgin some how defaults to TLS and connects.
That should be all







On Fri, Jan 15, 2010 at 8:28 AM, Andy Smith <a.smith at ukgrid.net> wrote:
> Hi,
>
>  can anyone tell me if its possible to force TLS on the server, that is it
> will not accept non-TLS connections from clients?
>
> thanks Andy.
>
> _______________________________________________
> ejabberd mailing list
> ejabberd at jabber.ru
> http://lists.jabber.ru/mailman/listinfo/ejabberd
>


More information about the ejabberd mailing list