author | Kim Alvefur <zash@zash.se> |
Tue, 25 Aug 2015 16:58:39 +0200 | |
changeset 1791 | 663e5d923ef0 |
parent 1786 | 29f3d6b7ad16 |
permissions | -rw-r--r-- |
1786 | 1 |
#summary Log certificate status and fingerprint of remote servers |
2 |
||
3 |
= Introduction = |
|
4 |
||
5 |
This module produces info level log messages with the certificate status |
|
6 |
and fingerprint every time an s2s connection is established. It can also |
|
7 |
optionally store this in persistant storage. |
|
8 |
||
9 |
*info* jabber.org has a trusted valid certificate with SHA1: 11:C2:3D:87:3F:95:F8:13:F8:CA:81:33:71:36:A7:00:E0:01:95:ED |
|
10 |
||
11 |
Fingerprints could then be added to [mod_s2s_auth_fingerprint]. |
|
12 |
||
13 |
= Configuration = |
|
14 |
||
15 |
Add the module to the `modules_enabled` list. |
|
16 |
||
17 |
{{{ |
|
18 |
modules_enabled = { |
|
19 |
... |
|
20 |
"s2s_log_certs"; |
|
21 |
} |
|
22 |
}}} |
|
23 |
||
24 |
If you want to keep track of how many times, and when a certificate is seen add |
|
25 |
||
26 |
{{{s2s_log_certs_persist = true}}} |
|
27 |
||
28 |
= Compatibility = |
|
29 |
||
30 |
||trunk||Works|| |
|
1791
663e5d923ef0
mod_s2s_log_certs: Use new 0.10 API for wrapping event handlers in order to always print log message after all s2s cert checks
Kim Alvefur <zash@zash.se>
parents:
1786
diff
changeset
|
31 |
||0.10||Works|| |
1786 | 32 |
||0.9||Works|| |
33 |
||0.8||Doesn't work|| |