Mercurial > prosody-modules
comparison mod_s2s_auth_fingerprint/README.wiki @ 1782:29f3d6b7ad16
Import wiki pages
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 24 Aug 2015 16:43:56 +0200 |
| parents | |
| children |
comparison
equal
deleted
inserted
replaced
| 1781:12ac88940fe3 | 1782:29f3d6b7ad16 |
|---|---|
| 1 #summary Fingerprint based s2s authentication | |
| 2 #labels Stage-Alpha, Type-S2SAuth | |
| 3 | |
| 4 = Introduction = | |
| 5 | |
| 6 This module allows you to manually pin certificate fingerprints of remote servers. | |
| 7 | |
| 8 = Details = | |
| 9 | |
| 10 Servers not listed in the configuration are not affected. | |
| 11 | |
| 12 = Configuration = | |
| 13 | |
| 14 After installing and enabling this module, you can put fingerprints of remote servers in your config like this: | |
| 15 | |
| 16 {{{ | |
| 17 s2s_auth_fingerprint_digest = "sha1" -- This is the default. Other options are "sha256" and "sha512" | |
| 18 s2s_trusted_fingerprints = { | |
| 19 ["jabber.org"] = "11:C2:3D:87:3F:95:F8:13:F8:CA:81:33:71:36:A7:00:E0:01:95:ED"; | |
| 20 ["matthewwild.co.uk"] = { | |
| 21 "FD:7F:B2:B9:4C:C4:CB:E2:E7:48:FB:0D:98:11:C7:D8:4D:2A:62:AA"; | |
| 22 "CF:F3:EC:43:A9:D5:D1:4D:D4:57:09:55:52:BC:5D:73:06:1A:A1:A0"; | |
| 23 }; | |
| 24 } | |
| 25 | |
| 26 -- If you don't want to fall back to dialback, you can list the domains s2s_secure_domains too | |
| 27 s2s_secure_domains = { | |
| 28 "jabber.org"; | |
| 29 } | |
| 30 }}} | |
| 31 | |
| 32 = Compatibility = | |
| 33 | |
| 34 ||trunk||Works|| | |
| 35 ||0.9||Works|| | |
| 36 ||0.8||Doesn't work|| | |
| 37 |