Mercurial > prosody-modules

view mod_s2s_auth_posh/README.markdown @ 5181:2c6acf2d6fd4

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_oauth2: Fix removal of consumed authorization codes Fixes mod_http_oauth2.lua:34: bad argument #2 to 'difftime' (number expected, got nil) The extra preceding argument to :set stored the client-id#code as a value instead of clearing the key, and then later in the periodic cleanup timer this string would be indexed, producing a nil and a traceback
author Kim Alvefur <zash@zash.se>
date Wed, 01 Mar 2023 21:11:48 +0100
parents 517c7f0333e3
children
line wrap: on
line source

---
labels:
- 'Type-S2SAuth'
---

Introduction
============

[PKIX over Secure HTTP (POSH)][rfc7711] describes a method of
securely delegating a domain to a hosting provider, without that hosting
provider needing keys and certificates covering the hosted domain.

# Validating

This module performs POSH validation of other servers. It is *not*
needed to delegate your own domain.

# Delegation

You can generate the JSON delegation file from a certificate by running
`prosodyctl mod_s2s_auth_posh /path/to/example.crt`. This file needs to
be served at `https://example.com/.well-known/posh/xmpp-server.json`.