Security Certificate Configuration for XMPP Federation
To configure security for XMPP federation, you must complete the following procedures:
-
Verify that all local domains are created and configured on the system and, if necessary, manually create any missing local domains before you generate the cup-xmpp-s2s certificate.
-
Create the certificate once using one of the following types of certificates:
-
Self-signed single server certificate for XMPP federation
-
CA-signed single-server or multiple server certificate for XMPP federation
-
-
Import the root CA certificate.
You must repeat this procedure every time you federate with a new enterprise whose CA you do not already trust. Likewise, you should follow this procedure if the new enterprise uses self-signed certificates, where the self-signed certificates are uploaded instead of the root CA certificate.