TLS configuration for separate SM and CM setup
I was testing a setup with separate SM and CM on different machine based on the following:
and I assume that TLS should be configured in the CM portion
But seems like the Tigase setup is not recognizing the TLS configuration that I put in the init.properties.
The same configuration was working when the Tigase is combined together (SM and CM in the same instance)
When I tried to connect to the server through a PSI client, it showed that I have a self-signed cert rather than the cert in the configuration
I understand that this is based on Tigase 7.0.0 which is quite long ago but I would like to ask if there are any further requirement is needed for the CM/SM portion to activate TLS.
My TLS configuration portion (Working for single setup but not for separate):
--ssl-def-cert-domain = test.im basic-conf/virt-hosts-cert-test.im = /opt/tigase-7.0.0/certs/test.im.pem --vhost-tls-required = true --hardened-mode=true --vhost-anonymous-enabled = false --vhost-register-enabled = false
I found out what the issue is with the above, so the issue above can be ignored.
When I initially tried out the Tigase without setting the basic-conf/virt-hosts-cert-test.im,
the server generated a test.im.pem file in the certs folder and my PSI client is getting this generated self-signed cert instead of the one I defined.
As for the CM and SM on separate machine,
is there any updated documentation on this specific setup?
There are still some unintended behaviour that is not happening in a single setup which might be caused by my configuration.