prosody-modules
fd2e48d4ac94
mod_s2s_auth_fingerprint/README.markdown
Software / code / prosody-modules
File
mod_s2s_auth_fingerprint/README.markdown @ 4838:fd2e48d4ac94
mod_bookmarks2: Advertise XEP-0049 support
In the case mod_private isn’t loaded, some clients (like poezio) won’t even
attempt to use Private XML Storage unless this feature is advertised. This is
on the domain JID and not on the account JID!
| author | Emmanuel Gil Peyrot <linkmauve@linkmauve.fr> |
|---|---|
| date | Sun, 26 Dec 2021 14:51:35 +0100 |
| parent | 1820:8de50be756e5 |
line wrap: on
line source
--- labels: - 'Stage-Alpha' - 'Type-S2SAuth' summary: Fingerprint based s2s authentication ... Introduction ============ This module allows you to manually pin certificate fingerprints of remote servers. Details ======= Servers not listed in the configuration are not affected. Configuration ============= After installing and enabling this module, you can put fingerprints of remote servers in your config like this: ``` {.lua} s2s_auth_fingerprint_digest = "sha1" -- This is the default. Other options are "sha256" and "sha512" s2s_trusted_fingerprints = { ["jabber.org"] = "11:C2:3D:87:3F:95:F8:13:F8:CA:81:33:71:36:A7:00:E0:01:95:ED"; ["matthewwild.co.uk"] = { "FD:7F:B2:B9:4C:C4:CB:E2:E7:48:FB:0D:98:11:C7:D8:4D:2A:62:AA"; "CF:F3:EC:43:A9:D5:D1:4D:D4:57:09:55:52:BC:5D:73:06:1A:A1:A0"; }; } -- If you don't want to fall back to dialback, you can list the domains s2s_secure_domains too s2s_secure_domains = { "jabber.org"; } ``` Compatibility ============= ------- -------------- trunk Works 0.9 Works 0.8 Doesn't work ------- --------------
