mod_tls
Enables SSL/TLS encryption on connected streams.
Details
mod_tls implements TLS as described in XMPP Core. For information on obtaining and configuring certificates, see our documentation on certificates.
Usage
= {
modules_enabled -- Other modules
"tls"; -- Enable mod_tls
}
Configuration
Option | Default | Notes |
---|---|---|
c2s_require_encryption | false | Whether to force all client-to-server connections to be encrypted or not |
s2s_require_encryption | false | Whether to force all server-to-server connections to be encrypted or not (you may also want to enforce certificate authentication - see s2s security for more info) |
These options will cause Prosody to deny connections that are not encrypted. Note that some servers do not support s2s encryption or have it disabled, including gmail.com and Google Apps domains.
Example
= {
modules_enabled -- Other modules
"tls"; -- Enable mod_tls
}
= true
c2s_require_encryption = true s2s_require_encryption