mod_tls
Enables SSL/TLS encryption on connected streams.
Details
mod_tls implements TLS as described in XMPP Core. For information on obtaining and configuring certificates, see our documentation on certificates.
Usage
modules_enabled = {
-- Other modules
"tls"; -- Enable mod_tls
}Configuration
| Option | Default | Notes |
|---|---|---|
| c2s_require_encryption | true | Whether to force all client-to-server connections to be encrypted or not |
| s2s_require_encryption | true | Whether to force all server-to-server connections to be encrypted or not (you may also want to enforce certificate authentication - see s2s security for more info) |
These options will cause Prosody to deny connections that are not encrypted. Note that some servers do not support s2s encryption or have it disabled, including gmail.com and Google Apps domains.
Example
modules_enabled = {
-- Other modules
"tls"; -- Enable mod_tls
}
c2s_require_encryption = true
s2s_require_encryption = true