[jadmin] Re: pem file

Stephen Marquard scm at marquard.net
Thu Oct 13 01:34:06 CDT 2005

Florian 'fh' Holzhauer wrote:
> Hi Slobo,
>>After reading this tutorial: http://www.jms1.net/jabberd2/ ,that helped me
>>much to setup multi-domain jabberd2 server, I am wondering is it possible to
>>have one pem file per domain.
> > SSL works "by IP", not "by Domain". The ssl connection is established
> at a point where jabberd wont know which domain respectively which
> ..pem to choose.
> You will need one IP for each domain if you want to have an own
> certificat for every domain - this is not a restriction by jabberd but
> by SSL.

That is a necessary restriction for SSL connections on port 5223, but not 
necessary for STARTTLS on port 5222, where the client asserts the domain name, 
and the jabber server can then present an appropriate certificate.

jabberd2 doesn't support this yet though (i.e. each c2s process / port/ip pair 
can only present one certificate).


More information about the JAdmin mailing list