ejabberd - Comments for "How to use different SSL certs for different virtual domains?" https://www.ejabberd.im/node/322 en Different SSL certificates for different virtual domains https://www.ejabberd.im/node/322#comment-1013 <p>According to today's commit (432), the <noindex><a href="/download" rel="nofollow" >development version of ejabberd</a></noindex> in Subversion supports this feature:</p> <pre>2005-11-05 Alexey Shchepin * src/ejabberd_config.erl: Support for per host certificates * src/ejabberd_c2s.erl: Likewise * src/ejabberd_s2s_out.erl: Likewise * src/ejabberd.cfg.example: Updated</pre><p> --<br /> sander</p> Sat, 05 Nov 2005 22:47:51 +0000 sander comment 1013 at https://www.ejabberd.im Multi-SSL https://www.ejabberd.im/node/322#comment-732 <p>I think this is more a problem with SSL itself than ejabberd. IIRC SSL certs are issued based on IP not domain so you can't have multiple SSL Certs for different virtual hosts</p> Fri, 19 Aug 2005 17:35:11 +0000 Aldoliel comment 732 at https://www.ejabberd.im different ports; DNS SRV https://www.ejabberd.im/node/322#comment-715 <blockquote>that seems to be not possible if I use the standard ports 5222 oder 5223</blockquote> <p>Right now (ejabberd 0.9.8) the SSL cert is specified on the 'listen' section, so it's specified per-node. Try the web admin: the 'listened sockets' page is available only on the main server, not on the virtual hosts subparts.</p> <p>You could define two ports (5222 and 5224), on each one set a different SSL cert and allow logins only to the corresponding users (using 'acl'+'access'). But this way, some of your users will have to configure their clients manually.</p> <blockquote>I could setup different SRV dns records but I'm not sure how many Jabber clients actually query these records.</blockquote> <p>If I remember correctly, Exodus, Psi and Pandion do. Tkabber doesn't.</p> Mon, 15 Aug 2005 14:15:59 +0000 mfoss comment 715 at https://www.ejabberd.im Can 0.9.8 handle multiple https://www.ejabberd.im/node/322#comment-708 <p>Can 0.9.8 handle multiple different SSL certs now for different virtual hosts? I'm not sure how to configure this part but it seems possible now.</p> Thu, 11 Aug 2005 14:52:33 +0000 babel comment 708 at https://www.ejabberd.im I think that it isn't https://www.ejabberd.im/node/322#comment-654 <p>I think that it isn't possible using old SSL connections (port 5223) because SSL handshake starts before ejabberd knows about virtual host client connects.</p> <p>But it could be perfectly possible for STARTTLS method. But for now support for different SSL certificates for different virtual hosts isn't implemented.</p> Thu, 21 Jul 2005 12:53:50 +0000 teo comment 654 at https://www.ejabberd.im