Re: [IOT] Question: SASL EXTERNAL for client auth

I've used sasl external on openfire with a nodejs client recently and blogged about it: http://servicelab.org/2012/04/26/how-to-use-xmpp-sasl-external-with-node-js/ My experience is that maneging the certicicates is not that easy. Also it doesnt help that the certificates need to be server signed as well. Hope this helps. Br. Eelco Sent from my mobile phone On 13 mrt. 2013, at 16:07, "Thomas Nichols" <tnichols@enernoc.com<mailto:tnichols@enernoc.com>> wrote: Can anyone speak from experience on using SASL EXTERNAL for c2s connections? E.g. A client authenticating with a certificate rather than a password. Certificates seem more appropriate for managing many IoT cases. I can't find much — or any — information on SASL EXTERNAL support for most of the common servers and client implementations. So has anyone used certificate auth for XMPP clients? I'm particularly interested in the more common open source clients and servers – Smack, OpenFire, ejabberd, Prosody but any first-hand knowledge would be helpful. Thanks in advance. -Thom This email and any information disclosed in connection herewith, whether written or oral, is the property of EnerNOC, Inc. and is intended only for the person or entity to which it is addressed. This email may contain information that is privileged, confidential or otherwise protected from disclosure. Distributing or copying any information contained in this email to anyone other than the intended recipient is strictly prohibited. _______________________________________________ IOT mailing list IOT@xmpp.org<mailto:IOT@xmpp.org> http://mail.jabber.org/mailman/listinfo/iot This e-mail and its contents are subject to the DISCLAIMER at http://www.tno.nl/emaildisclaimer