Under Connect Server enter the FQDN of your XMPP server. Leave this secure default, as we have already setup SSL/TLS! Password: The password of the user, specified in the Ejabberd admin interface.īy default “Connection Security” will be set to “Require Encryption”. Resource: Corresponds to the name of the plaintext port (5222). Username: Corresponds to JUST the username created in the Ejabberd admin interface.ĭomain: Corresponds to the name of the virtual host in the Ejabberd admin interface Under Protocol, selecting XMPP will bring up the following options: Now we can download and install the Pidgin IM client. Issue: systemctl restart ejabberdto restart the service. Move your bundle.pem file into the conf directory under /opt/ejabberd.īack in the ejabberd.yml file, locate the line " certfiles:" and replace with your bundle containing the publicly signed certificate. Note that ejabberd supports LDAP (including Microsoft’s Active Directory) for authentication, but that is beyond the scope of this guide. From the web interface, navigate to your virtual host (named the same as your machine’s host name) and select “Users”.Ĭreate at least one user. StartTLS is a method of employing SSL/TLS whereby a connection starts off in the clear, and SSL/TLS is invoked by the client at the beginning of the conversation. Ejabberd previously used explicit SSL/TLS to secure communications, but chats are now secured via StartTLS. It is recommended to change this default password for production usage.Įjabberd ships with a self-signed certificate which we will be replacing with our publicly signed cert. For example, I would visit Ĭheck the file /opt/ejabberd/conf for the default username The default password is admin. It can be hit over SSL/TLS using a self-signed certificate on port 5443. Setup ejabberd as a system service: cp rvice /etc/systemd/system (CD into the directory ejabberd was installed into) If you have them in separate files, you can issue the following command to construct the bundle ejabberd is looking for: cat key.pem cert.pem > bundle.pem You can get many SSL/TLS brands right from Ejabberd expects a single certificate file concatenating the base64 encoded public key underneath the private key. Generate a CSR and get it publicly signed. You may have to rename the downloaded file to b. An Ubuntu 20.04 machine connected to the internet.ĭownload and install the latest Debian Ejabberd Community Server package from here:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |