Mercurial > prosody-wiki
view mod_s2s_auth_fingerprint.wiki @ 455:5f111a4e13fb
mod_s2s_auth_dane.wiki: drep mention of luajit, not required anymore
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Mon, 19 May 2014 11:28:47 +0200 |
parents | 171663daa144 |
children |
line wrap: on
line source
#summary Fingerprint based s2s authentication #labels Stage-Alpha, Type-S2SAuth = Introduction = This module allows you to manually pin certificate fingerprints of remote servers. = Details = Servers not listed in the configuration are not affected. = Configuration = After installing and enabling this module, you can put fingerprints of remote servers in your config like this: {{{ s2s_auth_fingerprint_digest = "sha1" -- This is the default. Other options are "sha256" and "sha512" s2s_trusted_fingerprints = { ["jabber.org"] = "11:C2:3D:87:3F:95:F8:13:F8:CA:81:33:71:36:A7:00:E0:01:95:ED"; ["matthewwild.co.uk"] = { "FD:7F:B2:B9:4C:C4:CB:E2:E7:48:FB:0D:98:11:C7:D8:4D:2A:62:AA"; "CF:F3:EC:43:A9:D5:D1:4D:D4:57:09:55:52:BC:5D:73:06:1A:A1:A0"; }; } -- If you don't want to fall back to dialback, you can list the domains s2s_secure_domains too s2s_secure_domains = { "jabber.org"; } }}} = Compatibility = ||trunk||Works|| ||0.9||Works|| ||0.8||Doesn't work||