I'm not following you here. You still have encryption with a self signed cert,
but no trust. But if you can't trust yourself, who else can you trust?
On public wifi without the self signed cert, the conversation could be read,
not to mention login credentials.
Take "letsencrypt" for example.
W dniu 03.05.2016, wto o godzinie 02∶12 -0700, użytkownik
li...@lazygranch.com napisał:
> jabberd2 version(2.3.6)
> I followed these instructions:
> https://github.com/jabberd2/jabberd2/wiki/InstallGuide-OpenSSLConfigu
> ration
> [...]
> SM : sx (ssl.c:405) secure channel not established,
So the documentation on generating a self signed cert is not correct.
Isn't the key generated in that document technically the root CA?
Original Message
From: Tomasz Sterna
Sent: Tuesday, May 3, 2016 5:12 AM
To: jabberd2@lists.xiaoka.com
Reply To: jabberd2@lists.xiaoka.com
Subject: Re:
W dniu 03.05.2016, wto o godzinie 02∶12 -0700, użytkownik
li...@lazygranch.com napisał:
> How exactly do I specify the cachain for a self signed cert.
You need to put your root CA used to sign the cert to the CA certs
store specified in 'cachain' option.
This is to encourage deployments to stop
freebsd 10.2
jabberd2 version(2.3.6)
I followed these instructions:
https://github.com/jabberd2/jabberd2/wiki/InstallGuide-OpenSSLConfiguration
other than renaming server.pem to jabber.pem since I had originally put
that in the XML files.
In the c2s.xml
MYDOMAIN>ORG
Pulling some lines out of