powered by Jive Software

SSL, certificates and SRV records

So I’‘m getting ready to deploy our chat service with Wildfire. It’'s unclear to me, however, how the SRV records and SSL certificates stitch together.

I want our users to the user@domain.edu[/b] (this is a university) as their Jabber ID, and (ideally) domain.edu[/b] as the chat server. Am I correct in thinking that the SRV record will allow me to do this?

If so, should my certificate be for domain.edu[/b] or chatserver.domain.edu?


Message was edited by: atlauren

As far as I see, they don’'t really. SSL and SRV are two very seperate entities.

Using SRV records, you can tell clients (using DNS) that want to connect to a particular service (like XMPP) on your domain which actual host they need to use.

So, clients requesting a XMPP service on your domain whould send a SRV request for your domain to the DNS server. DNS will return the specific host that the client needs to use:

client to DNS --> “I’'d like to use XMPP on domain.edu

DNS to client --> “use host chatserver.domain.edu

client to chathost --> “Hi, I’'m user@domain.edu

chathost to client --> “Ok, what are your login credentials?”

That host serves the entire domain. Your clients will be known as user@domain.edu. Therefore, your SSL certificate should be valid for the entire domain.