Mercurial > prosody-modules
annotate mod_s2s_auth_posh/README.markdown @ 3568:6b3181fe5617
mod_auth_token: Timezone fix for TOTP checking
luatz.time() returns milliseconds since epoch which is in UTC time, so we don't
need to convert to UTC with gmtime.
By calling gmtime, TOTP validation was failing when this module wasn't running
on machine set to UTC time.
| author | JC Brand <jc@opkode.com> |
|---|---|
| date | Thu, 02 May 2019 11:07:27 +0200 |
| parents | 517c7f0333e3 |
| children |
| rev | line source |
|---|---|
|
3206
d57635562216
mod_s2s_auth_posh: Beginnings of a README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 --- |
|
d57635562216
mod_s2s_auth_posh: Beginnings of a README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 labels: |
|
d57635562216
mod_s2s_auth_posh: Beginnings of a README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 - 'Type-S2SAuth' |
|
d57635562216
mod_s2s_auth_posh: Beginnings of a README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 --- |
|
d57635562216
mod_s2s_auth_posh: Beginnings of a README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 |
|
d57635562216
mod_s2s_auth_posh: Beginnings of a README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 Introduction |
|
d57635562216
mod_s2s_auth_posh: Beginnings of a README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 ============ |
|
d57635562216
mod_s2s_auth_posh: Beginnings of a README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 |
|
d57635562216
mod_s2s_auth_posh: Beginnings of a README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
9 [PKIX over Secure HTTP (POSH)][rfc7711] describes a method of |
|
d57635562216
mod_s2s_auth_posh: Beginnings of a README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
10 securely delegating a domain to a hosting provider, without that hosting |
|
d57635562216
mod_s2s_auth_posh: Beginnings of a README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 provider needing keys and certificates covering the hosted domain. |
|
d57635562216
mod_s2s_auth_posh: Beginnings of a README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 |
|
3225
517c7f0333e3
mod_s2s_auth_posh: Add a command for generating the JSON file
Kim Alvefur <zash@zash.se>
parents:
3206
diff
changeset
|
13 # Validating |
|
3206
d57635562216
mod_s2s_auth_posh: Beginnings of a README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 |
|
d57635562216
mod_s2s_auth_posh: Beginnings of a README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
15 This module performs POSH validation of other servers. It is *not* |
|
d57635562216
mod_s2s_auth_posh: Beginnings of a README
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
16 needed to delegate your own domain. |
|
3225
517c7f0333e3
mod_s2s_auth_posh: Add a command for generating the JSON file
Kim Alvefur <zash@zash.se>
parents:
3206
diff
changeset
|
17 |
|
517c7f0333e3
mod_s2s_auth_posh: Add a command for generating the JSON file
Kim Alvefur <zash@zash.se>
parents:
3206
diff
changeset
|
18 # Delegation |
|
517c7f0333e3
mod_s2s_auth_posh: Add a command for generating the JSON file
Kim Alvefur <zash@zash.se>
parents:
3206
diff
changeset
|
19 |
|
517c7f0333e3
mod_s2s_auth_posh: Add a command for generating the JSON file
Kim Alvefur <zash@zash.se>
parents:
3206
diff
changeset
|
20 You can generate the JSON delegation file from a certificate by running |
|
517c7f0333e3
mod_s2s_auth_posh: Add a command for generating the JSON file
Kim Alvefur <zash@zash.se>
parents:
3206
diff
changeset
|
21 `prosodyctl mod_s2s_auth_posh /path/to/example.crt`. This file needs to |
|
517c7f0333e3
mod_s2s_auth_posh: Add a command for generating the JSON file
Kim Alvefur <zash@zash.se>
parents:
3206
diff
changeset
|
22 be served at `https://example.com/.well-known/posh/xmpp-server.json`. |