Uploaded image for project: 'Openfire'
  1. Openfire
  2. OF-1855

S2S: Allow Mutual Authentication by default when using signed certificate

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 4.5.0
    • Component/s: TLS
    • Labels:
      None

      Description

      Openfire allows mutual authentication (SASL EXTERNAL) for all connection types, although the default setting disables this feature.

      If a properly signed (instead of the default self-signed) certificate is installed, I'm not seeing downsides in allowing SASL EXTERNAL. It would be good to have this enabled for S2S, as it reduces the complexity for S2S establishment (the alternative approach, Dialback, requires an elaborate handshake).

        Attachments

          Activity

            People

            Assignee:
            guus Guus der Kinderen
            Reporter:
            guus Guus der Kinderen
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: