Please help:)
Enable the TLS connection, just apply the server.pem in using the ejabberd server domain name and already get the file. How to generate the client certificate? The client is running on Nokia S40 system.
Looking for ejabberd docs?
To access the most up-to-date ejabberd documentation, please visit docs.ejabberd.im »
How to get the Client .cer file?
No need of client certificate
To use STARTTLS encryption when connecting to the Jabber server, the Jabber server must have a certificate installed and ejabberd configured to use it. The client doesn't need to have another certificate.
You can try to connect using desktop Jabber clients like Psi or Gajim to see if you have ejabberd configured correctly.
Support for client
Support for client certificates would be cool:
Example use case:
1) Users buy a unique client certificate that is signed by the private key of the server. The price is very low (micro payment) and is only to make it impossible for abusers to register lots of accounts (well, they still can but then it will cost them a lot).
2) Users install their unique client certificate in their client
3) When connecting the server verifies if the client certificate is valid (signed by the private key of the server and not revoked). Only when it succeeds the connection is establised.
4) If the server admin detects abuse by accounts, the admin can easily revoke the client certificate of this user (it will become invalid). In this way the abuser is punished: he needs to buy a new certificate.
Note: collecting the money and distributing the certificates can be done, for instance, by using a service such as Paypal or eBay (the second also allows the admin to limit the number of users and to control the growth by selling only a limited amount of certificates in a time period!)
--
sander