Comparison

mod_s2s_auth_fingerprint/README.markdown @ 1803:4d73a1a6ba68

Convert all wiki pages to Markdown
author Kim Alvefur <zash@zash.se>
date Fri, 28 Aug 2015 18:03:58 +0200
parent 1782:mod_s2s_auth_fingerprint/README.wiki@29f3d6b7ad16
child 1820:8de50be756e5
comparison
equal deleted inserted replaced
1802:0ab737feada6 1803:4d73a1a6ba68
1 ---
2 labels:
3 - 'Stage-Alpha'
4 - 'Type-S2SAuth'
5 summary: Fingerprint based s2s authentication
6 ...
7
8 Introduction
9 ============
10
11 This module allows you to manually pin certificate fingerprints of
12 remote servers.
13
14 Details
15 =======
16
17 Servers not listed in the configuration are not affected.
18
19 Configuration
20 =============
21
22 After installing and enabling this module, you can put fingerprints of
23 remote servers in your config like this:
24
25 s2s_auth_fingerprint_digest = "sha1" -- This is the default. Other options are "sha256" and "sha512"
26 s2s_trusted_fingerprints = {
27 ["jabber.org"] = "11:C2:3D:87:3F:95:F8:13:F8:CA:81:33:71:36:A7:00:E0:01:95:ED";
28 ["matthewwild.co.uk"] = {
29 "FD:7F:B2:B9:4C:C4:CB:E2:E7:48:FB:0D:98:11:C7:D8:4D:2A:62:AA";
30 "CF:F3:EC:43:A9:D5:D1:4D:D4:57:09:55:52:BC:5D:73:06:1A:A1:A0";
31 };
32 }
33
34 -- If you don't want to fall back to dialback, you can list the domains s2s_secure_domains too
35 s2s_secure_domains = {
36 "jabber.org";
37 }
38
39 Compatibility
40 =============
41
42 ------- --------------
43 trunk Works
44 0.9 Works
45 0.8 Doesn't work
46 ------- --------------