[IOT] Question: SASL EXTERNAL for client auth

Cramer, E.R. (Eelco) Eelco.Cramer at tno.nl
Wed Mar 13 19:14:27 UTC 2013

I've used sasl external on openfire with a nodejs client recently and blogged about it: http://servicelab.org/2012/04/26/how-to-use-xmpp-sasl-external-with-node-js/

My experience is that maneging the certicicates is not that easy. Also it doesnt help that the certificates need to be server signed as well.

Hope this helps.

Br. Eelco

Sent from my mobile phone

On 13 mrt. 2013, at 16:07, "Thomas Nichols" <tnichols at enernoc.com<mailto:tnichols at enernoc.com>> wrote:

Can anyone speak from experience on using SASL EXTERNAL for c2s connections?  E.g. A client authenticating with a certificate rather than a password.  Certificates seem more appropriate for managing many IoT cases.

I can't find much — or any — information on SASL EXTERNAL support for most of the common servers and client implementations.  So has anyone used certificate auth for XMPP clients?  I'm particularly interested in the more common open source clients and servers – Smack, OpenFire, ejabberd, Prosody but any first-hand knowledge would be helpful.

Thanks in advance.

This email and any information disclosed in connection herewith, whether written or oral, is the property of EnerNOC, Inc. and is intended only for the person or entity to which it is addressed.
This email may contain information that is privileged, confidential or otherwise protected from disclosure.
Distributing or copying any information contained in this email to anyone other than the intended recipient is strictly prohibited.
IOT mailing list
IOT at xmpp.org<mailto:IOT at xmpp.org>
This e-mail and its contents are subject to the DISCLAIMER at http://www.tno.nl/emaildisclaimer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/iot/attachments/20130313/969b12a1/attachment-0001.html>

More information about the IOT mailing list