So I’‘m getting ready to deploy our chat service with Wildfire. It’'s unclear to me, however, how the SRV records and SSL certificates stitch together.
I want our users to the user@domain.edu[/b] (this is a university) as their Jabber ID, and (ideally) domain.edu[/b] as the chat server. Am I correct in thinking that the SRV record will allow me to do this?
If so, should my certificate be for domain.edu[/b] or chatserver.domain.edu?
Thanks!
Message was edited by: atlauren
As far as I see, they don’'t really. SSL and SRV are two very seperate entities.
Using SRV records, you can tell clients (using DNS) that want to connect to a particular service (like XMPP) on your domain which actual host they need to use.
So, clients requesting a XMPP service on your domain whould send a SRV request for your domain to the DNS server. DNS will return the specific host that the client needs to use:
client to DNS --> “I’'d like to use XMPP on domain.edu”
DNS to client --> “use host chatserver.domain.edu”
client to chathost --> “Hi, I’'m user@domain.edu”
chathost to client --> “Ok, what are your login credentials?”
That host serves the entire domain. Your clients will be known as user@domain.edu. Therefore, your SSL certificate should be valid for the entire domain.