32 |
32 |
33 # Set 'ignore_self_presence' to 1 if you do not want to see your own |
33 # Set 'ignore_self_presence' to 1 if you do not want to see your own |
34 # presence in your roster (default: 0). |
34 # presence in your roster (default: 0). |
35 set ignore_self_presence = 1 |
35 set ignore_self_presence = 1 |
36 |
36 |
37 # SSL options: |
37 # SSL/TLS options: |
38 # Set ssl non-zero to use SSL (this also sets the default port to 5223). |
38 # TLS is now regarded as the default encryption for connecting to jabber. |
39 # * Please note that certificate verification is NOT yet supported if |
39 # You can require TLS by setting tls to 1. If your jabber server |
40 # mcabber is compiled with GnuTLS (only works with OpenSSL). |
40 # still doesn't support TLS, you can use the old-style SSL by setting |
41 # You can use mcabber -V to check. |
41 # ssl to 1. It's not possible to use old-style SSL and TLS together. |
42 # Set ssl_verify to 0 to disable certificate verification, or non-zero |
|
43 # to set desired maximum CA verification depth. Use -1 to specify an |
|
44 # unlimited depth. |
|
45 # NOTE: You probably need to set ssl_capath for SSL cert verification to work! |
|
46 # Set ssl_cafile to a path to a CA certificate file (may contain multiple |
|
47 # CA certificates). |
|
48 # Set ssl_capath to a directory containing CA certificates (use c_rehash |
|
49 # to generate hash links). |
|
50 # Set ssl_ciphers to a list of desired SSL ciphers (run "openssl ciphers" |
|
51 # for candidate values). |
|
52 set ssl = 0 |
42 set ssl = 0 |
53 #set ssl_verify = -1 |
43 set tls = 1 |
54 #set ssl_cafile = /usr/share/ssl/certs/ca-bundle.crt |
44 # Moreover, it's possible to check whether the fingerprint of the |
55 #set ssl_capath = |
45 # ssl certificate matches ssl_fingerprint. |
56 #set ssl_ciphers = |
46 # You can get the fingerprint of your server either with gnutls or openssl: |
|
47 # 1. gnutls-cli -p 5223 $your_server |
|
48 # 2. openssl s_client -connect $your_server:5223 | \ |
|
49 # openssl x509 -fingerprint -md5 -noout |
|
50 set ssl_fingerprint = 97:5C:00:3F:1D:77:45:25:E2:C5:70:EC:83:C8:87:EE |
|
51 # Set ssl_ignore_checks to 1 to disable all certificate checks except the |
|
52 # fingerprint check. |
|
53 #set ssl_ignore_checks = 0 |
57 |
54 |
58 # PGP support |
55 # PGP support |
59 # Set pgp to 1 to enable OpenPGP. |
56 # Set pgp to 1 to enable OpenPGP. |
60 # To sign outgoing messages, select your private key id with |
57 # To sign outgoing messages, select your private key id with |
61 # the pgp_private_key option. You cannot change these options once |
58 # the pgp_private_key option. You cannot change these options once |