Tutorial on ejabberd, postfix, dovecot and or nginx with letsencrypt

Doemela · April 16, 2016, 12:54pm

Doemela:

The CA you can dl from Chain of Trust - Let's Encrypt see the [txt] [pem] [der] behind the "Intermediate Certificates" make the ca.crt and copy/paste the cert out of [txt] or dl the [pem] and upload it to where u want.

Then do:
cat /etc/letsencrypt/live/domain.tld/privkey.pem /etc/letsencrypt/live/domain.tld/fullchain.pem /etc/ejabberd/ca.crt >> /etc/ejabberd/ejabberd.pem

Edit /etc/ejabberd/ejabberd.yml
[SNIP]
listen:
port: 5222
module: ejabberd_c2s
certfile: "/etc/ejabberd/ejabberd.pem"
starttls_required: true
protocol_options:
   - "no_sslv2"    
   - "no_sslv3"
ciphers: "HIGH:!3DES:!aNULL:!SSLv2:@STRENGTH"
max_stanza_size: 65536
shaper: c2s_shaper
access: c2s
port: 5269
module: ejabberd_s2s_in
[SNIP]

port: 5280
module: ejabberd_http
web_admin: true
http_bind: true
register: true
captcha: true
certfile: "/etc/ejabberd/ejabberd.pem"
tls: true
[SNIP]
s2s_use_starttls: required
s2s_certfile: "/etc/ejabberd/ejabberd.pem"
s2s_protocol_options:

"no_sslv2"

"no_sslv3"

s2s_ciphers: "HIGH:!3DES:!aNULL:!SSLv2:@STRENGTH"

[END EDIT] Save the conf and restart ejabberd

This is enough for ejabberd:
cat /etc/letsencrypt/live/domain.tld/privkey.pem /etc/letsencrypt/live/domain.tld/fullchain.pem >> /etc/ejabberd/ejabberd.pem

Topic		Replies	Views
Ejjabberd + windows + letsencrypt certificate Help	9	1916	August 23, 2020
How to migrate manually setup letsencrypt to either nginx or CNAME challenge? Server	2	2442	May 2, 2018
Coming from letsencrypt.sh and going to certbot Server	4	1973	October 21, 2016
Howto: easy cert generation and renewal with nginx Server	20	54272	November 22, 2018
NGINX Installation Server	12	22016	January 5, 2016

Tutorial on ejabberd, postfix, dovecot and or nginx with letsencrypt

Related topics