S2S: Allow Mutual Authentication by default when using signed certificate

Description

Openfire allows mutual authentication (SASL EXTERNAL) for all connection types, although the default setting disables this feature.

If a properly signed (instead of the default self-signed) certificate is installed, I'm not seeing downsides in allowing SASL EXTERNAL. It would be good to have this enabled for S2S, as it reduces the complexity for S2S establishment (the alternative approach, Dialback, requires an elaborate handshake).

Environment

None

Activity

Show:

Fixed

Details
Assignee
Guus der Kinderen
Reporter
Guus der Kinderen
Components
Fix versions
4.5.0
Priority
Minor

Created September 7, 2019 at 3:39 PM

Updated September 8, 2019 at 9:30 AM

Resolved September 8, 2019 at 9:30 AM

S2S: Allow Mutual Authentication by default when using signed certificate

Description

Environment

Activity

DetailsAssigneeGuus der KinderenGuus der KinderenReporterGuus der KinderenGuus der KinderenComponentsFix versions4.5.0PriorityMinor

Details

Assignee

Reporter

Components

Fix versions

Priority

Details
Assignee
Guus der Kinderen
Reporter
Guus der Kinderen
Components
Fix versions
4.5.0
Priority
Minor