[ejabberd] Built-in ACME client (Let's Encrypt) with XMPP protocol verification?

Colin 't Hart colin at sharpheart.org
Mon May 14 16:58:10 MSK 2018


I should elaborate slightly:

The verification is just to check the installed certificate -- not to
validate the domain. We're doing that with DNS validation almost
everywhere, even for public services, as it's one less option to think
about. I presume that the built-in ACME client is using HTTPS for both
verification of installed certificates and validation of domain. And that
we'd be better off continuing to use getssl as we do elsewhere.

Thanks,

Colin

On Mon, 14 May 2018 at 15:23, Colin 't Hart <colin at sharpheart.org> wrote:

> Hi,

> We're using getssl as our ACME client. We're able to specify to use the
> XMPP protocol on port 5222 for certificate verification.

> Is this possible with the built in ACME client? From what I've read, it
> appears it only uses HTTPS for certificate verification.

> Thanks,

> Colin


More information about the ejabberd mailing list