Securing ejabberd


#1

I’ve started using let’s encrypt for the first time thanks to this guide that brought me here for configuring XMPP servers with SSL: https://wiki.xmpp.org/web/Securing_XMPP

The guide doesn’t point out exactly which certificate should be used when configuring ejabberd and was wondering if anyone here might be able to help.


#2

As there doesn’t seem to be a separate parameter for intermediate certificates fullchain.pem should do.


#3

According to https://raymii.org/s/tutorials/Ejabberd_SSL_Certificate.html ejabberd wants all “separate” items (private key, certificate and chain) in one file. As fullchain.pem is missing the private key, you should make the needed file yourself (or with a script with one of the certbot “hooks” for automation)

So: cat privkey.pem cert.pem chain.pem > ejabberd.pem (or: cat privkey.pem fullchain.pem > ejabberd.pem


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.