mod_tls

Enables SSL/TLS encryption on connected streams.

Details

mod_tls implements TLS as described in XMPP Core. For information on obtaining and configuring certificates, see our documentation on certificates.

Usage

    modules_enabled = {
        -- Other modules
        "tls"; -- Enable mod_tls
    }

Configuration

Option Default Notes
c2s_require_encryption true Whether to force all client-to-server connections to be encrypted or not
s2s_require_encryption true Whether to force all server-to-server connections to be encrypted or not (you may also want to enforce certificate authentication - see s2s security for more info)

These options will cause Prosody to deny connections that are not encrypted.

Example

    modules_enabled = {
        -- Other modules
        "tls"; -- Enable mod_tls
    }
 
    c2s_require_encryption = true
    s2s_require_encryption = true