[ejabberd] eJabberd Certificates Confusion

Peter Schwindt peter at schwindt-net.de
Fri Feb 26 00:40:00 MSK 2016


Hi Steven,

On 25 Feb 2016, at 22:06, Steven Livingstone wrote:

[…]
> In my case I want to have an XMPP server at xmpp.domain.com but that
> would have multiple hosts so users can register at user at example.com,
> user at example.co.uk and so on. As far as I know, to properly do this I
> need a certificate for the server (xmpp.domain.com) as well as one for
> each host (example.com, example.co.uk and so on). This way you can
> trust the server you are accessing as well as know it is a trusted
> server for the hosts with associated certificates. Please correct me
> if an of the above is NOT true and my understanding is wrong.

That’s true. Simply get a cert for xmpp.domain.com and add a bunch of 
SAN (subjectAltName) entries for each other hostname/domain you want to 
serve. It’s all in one file then.

Best,
Peter


More information about the ejabberd mailing list