prosody-wiki: mod_s2s_auth_fingerprint.wiki annotate

annotate mod_s2s_auth_fingerprint.wiki @ 514:9427318ae72d default tip

added page for mod_delegation

author	Goffi <goffi@goffi.org>
date	Thu, 07 May 2015 23:31:20 +0200
parents	171663daa144
children

rev	line source
330 533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	1 #summary Fingerprint based s2s authentication
414 dc20cb1bb874 add some labels Kim Alvefur <zash@zash.se> parents: 399 diff changeset	2 #labels Stage-Alpha, Type-S2SAuth
330 533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	3
533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	4 = Introduction =
533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	5
451 171663daa144 mod_s2s_auth_fingerprint: remove info about pinning, this is the default now Kim Alvefur <zash@zash.se> parents: 419 diff changeset	6 This module allows you to manually pin certificate fingerprints of remote servers.
399 c35cf2a46b78 mod_s2s_auth_fingerprint: Describe cert pinning mode Kim Alvefur <zash@zash.se> parents: 363 diff changeset	7
c35cf2a46b78 mod_s2s_auth_fingerprint: Describe cert pinning mode Kim Alvefur <zash@zash.se> parents: 363 diff changeset	8 = Details =
c35cf2a46b78 mod_s2s_auth_fingerprint: Describe cert pinning mode Kim Alvefur <zash@zash.se> parents: 363 diff changeset	9
c35cf2a46b78 mod_s2s_auth_fingerprint: Describe cert pinning mode Kim Alvefur <zash@zash.se> parents: 363 diff changeset	10 Servers not listed in the configuration are not affected.
330 533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	11
533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	12 = Configuration =
533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	13
419 fdff0de712a7 mod_s2s_auth_fingerprint: Describe how to change the digest. (thanks hardfalcon) Kim Alvefur <zash@zash.se> parents: 414 diff changeset	14 After installing and enabling this module, you can put fingerprints of remote servers in your config like this:
330 533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	15
533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	16 {{{
419 fdff0de712a7 mod_s2s_auth_fingerprint: Describe how to change the digest. (thanks hardfalcon) Kim Alvefur <zash@zash.se> parents: 414 diff changeset	17 s2s_auth_fingerprint_digest = "sha1" -- This is the default. Other options are "sha256" and "sha512"
330 533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	18 s2s_trusted_fingerprints = {
363 4a39ef28e2d9 slight change and fix syntax error in example config Kim Alvefur <zash@zash.se> parents: 330 diff changeset	19 ["jabber.org"] = "11:C2:3D:87:3F:95:F8:13:F8:CA:81:33:71:36:A7:00:E0:01:95:ED";
330 533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	20 ["matthewwild.co.uk"] = {
533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	21 "FD:7F:B2:B9:4C:C4:CB:E2:E7:48:FB:0D:98:11:C7:D8:4D:2A:62:AA";
533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	22 "CF:F3:EC:43:A9:D5:D1:4D:D4:57:09:55:52:BC:5D:73:06:1A:A1:A0";
533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	23 };
533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	24 }
451 171663daa144 mod_s2s_auth_fingerprint: remove info about pinning, this is the default now Kim Alvefur <zash@zash.se> parents: 419 diff changeset	25
171663daa144 mod_s2s_auth_fingerprint: remove info about pinning, this is the default now Kim Alvefur <zash@zash.se> parents: 419 diff changeset	26 -- If you don't want to fall back to dialback, you can list the domains s2s_secure_domains too
171663daa144 mod_s2s_auth_fingerprint: remove info about pinning, this is the default now Kim Alvefur <zash@zash.se> parents: 419 diff changeset	27 s2s_secure_domains = {
171663daa144 mod_s2s_auth_fingerprint: remove info about pinning, this is the default now Kim Alvefur <zash@zash.se> parents: 419 diff changeset	28 "jabber.org";
171663daa144 mod_s2s_auth_fingerprint: remove info about pinning, this is the default now Kim Alvefur <zash@zash.se> parents: 419 diff changeset	29 }
330 533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	30 }}}
533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	31
533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	32 = Compatibility =
533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	33
533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	34 \|\|trunk\|\|Works\|\|
533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	35 \|\|0.9\|\|Works\|\|
399 c35cf2a46b78 mod_s2s_auth_fingerprint: Describe cert pinning mode Kim Alvefur <zash@zash.se> parents: 363 diff changeset	36 \|\|0.8\|\|Doesn't work\|\|
330 533a06d9b6db added mod_s2s_auth_fingerprint.wiki Kim Alvefur <zash@zash.se> parents: diff changeset	37

Mercurial > prosody-wiki

annotate mod_s2s_auth_fingerprint.wiki @ 514:9427318ae72d default tip