https://www.ejabberd.im/node/344 en https://www.ejabberd.im/node/344#comment-696 <p>To make it easier for you: <noindex><a href="http://jwchat.sourceforge.net/" rel="nofollow" >JWChat</a></noindex>.</p> <p>--<br /> sander</p> Fri, 05 Aug 2005 11:12:28 +0000 sander comment 696 at https://www.ejabberd.im https://www.ejabberd.im/node/344#comment-695 <blockquote>Is that all there is to enabling TLS ?</blockquote> <p>Yes. Check with a STARTTLS enabled client that it really works. Exodus and Pandion (on Windows) and Tkabber (from CVS), for example.</p> <blockquote>Is there anything else necessary to be done by me on the client-side</blockquote> <p>The client must support STARTTLS, of course. And if prompted, select to use it.</p> <blockquote> if i am writing my own XMPP client in javascript ?</blockquote> <p>Since the client must support STARTTLS, you either code all the SSL stuff or use a library on your client. You can check how other clients solved it. JWChat is in Javascript but uses HTTP-Poll/HTTP-Bind so it does not use any security. The only existing <a hreF="http://www.jabber.org/software/libraries.shtml">Jabber development library</a> in Javascript is JSJac, the one used by JWChat. <a href="http://jabberstudio.org/cgi-bin/viewcvs.cgi/jabberzilla/trunk/src/components/base/src/socket/jzXMPPStartTls.cpp?rev=723&view=markup">Jabberzilla has STARTTLS</a> but is coded on C++</p> <p>I haven't look too hard, but it looks to me that there isn't an easy way to support STARTTLS on a javascript client. How did JWChat solve the security issue? The webserver can serve JWChat on HTTPS, port 443, and the webserver can be installed on the same machine as the Jabber server.</p> Fri, 05 Aug 2005 10:26:26 +0000 mfoss comment 695 at https://www.ejabberd.im