Jabber

From
Jump to: navigation, search

When installing jabberd2 it asks for jabberd2.status or the status table

this is the sql to create it as it isn't in the installation

 CREATE TABLE `status` (
	    `collection-owner` TEXT NOT NULL,
	    `object-sequence` BIGINT NOT NULL AUTO_INCREMENT, KEY(`object-sequence`),
	    `status` TEXT NOT NULL,
	    `show` TEXT NOT NULL,
	    `last-login` INT DEFAULT '0',
	    `last-logout` INT DEFAULT '0');


A.6. Generating a Self-Signed SSL Certificate

This appendix describes how to generate a self-signed OpenSSL certificate for use with Jabberd.

I Important: Key Is Self-Signed

   The key generated by the instructions below is self-signed. Such a key is not part of a trust hierarchy. When used to secure communications with Jabber clients, a self-signed key will usually cause warnings to appear because its authenticity cannot be verified against a trusted key. 

A.6.1. Generate Key Pair

From a working directory, enter the command below to begin an interactive key generation process:

     openssl req -new -x509 -newkey rsa:1024 -days 3650 -keyout privkey.pem -out server.pem

You will be prompted for a passphrase for the private key. After entering and confirming your passphrase, you will be prompted for public information about your key.

N Note: Common Name

   Note that you should enter your domain name as the Common Name for your certificate. 

N Note: Key Lifetime

   Note that the command above creates a key with a 3650 day (10 year lifetime). To change the key lifetime, use a different number of days for the -days parameter. 

A.6.2. Remove Passphrase

Enter this command to remove the passphrase from your private key:

     openssl rsa -in privkey.pem -out privkey.pem

A.6.3. Combine the Private and Public Key

Enter this command to combine the private and public keys into a single file:

     cat privkey.pem >> server.pem

A.6.4. Delete Private Key

You should now delete your private key:

     rm privkey.pem

A.6.5. Move Key and Set Permissions

You can now move your key to its permanent location. For example, to move the key to the default Jabberd pemfile location, you would enter this command (as superuser):

     mv server.pem /usr/local/etc/jabberd/server.pem

Then, you should set permissions on this file so that it is owned by superuser and is readonly (as superuser):

     chown root:jabber /usr/local/etc/jabberd/server.pem    
     chmod 640 /usr/local/etc/jabberd/server.pem

Your certificate is now ready for use by Jabberd. You should make a backup (such as to a floppy) of your certificate.