Hi,
I am trying to use TLS and GSSAPI with pidgin. Here is my set up:
Domain - company.com (so jid would be [EMAIL PROTECTED],
[EMAIL PROTECTED] ...)
Server ("Connect Server") - jabber.example.com
Realm - EXAMPLE.COM
I do not have any DNS SRV records set up but I have a properly
configured kerberos and TLS jabber server.
Now here are my doubts:
1. Does pidgin check the certificate against the domain name
(company.com) or the server name (jabber.example.com)? It currently
seems to be verifying against the domain name. Is this expected behaviour?
2. When pidgin tries to fetch a ticket for the jabber service, which of
the below is used as the servername for building the principal
xmpp/[EMAIL PROTECTED]
- Domain company.com
- Server jabber.example.com
- Name got by resolving domain company.com and doing a reverse
look-up on the IP (Pidgin seems to be doing this currently)
- Name got by resolving server jabber.example.com and doing a
reverse look-up on the IP (Shouldn't this be the expected behaviour?)
3. Is it necessary that the domain company.com be resolvable if I am
filling the "Connect Server" field? If so, for what?
Looking forward to an early response.
Thanks and Regards,
Rahul.
_______________________________________________
Support mailing list
Support@pidgin.im
http://pidgin.im/cgi-bin/mailman/listinfo/support
