Configuring the XMPP proxy server to use SSL

Apply the new SSL definition to the XMPP proxy server.

Before you begin

Expected state: the deployment manager, node agents, and all servers in the cluster are started.

Procedure

  1. In the Integrated Solutions Console, click Security > SSL certificate and key management > Manage endpoint security configurations..
  2. Expand the Inbound node on the local topology tree.
    1. Expand cell with XMPP proxy.
    2. Expand nodes.
    3. Select the node with the XMPP proxy.
  3. On the configuration panel, select Override inherited values.
  4. Make sure NodeDefaultSSLSettings is selected in the SSL configuration drop-down list.
  5. Click Update certificate alias list.
  6. Select your certificate alias from the Certificate alias in key store list.
  7. Click Apply.
  8. Repeat the preceding steps on the Outbound node of the local topology tree.
  9. Click OK and Save.
  10. Modify the ssl.client.props file for the XMPP proxy server to specify TLSv1.2.
    1. On the server, locate the ssl.client.props file.

      This file is stored in the following location: profile_root\properties

    2. Edit the file and change the com.ibm.ssl.protocol setting to TLSv1.2. 
      com.ibm.ssl.protocol=TLSv1.2
    3. Save and close the file.
    4. Restart the node agent.
    5. Restart the server.
    6. Repeat this step on all XMPP proxy server nodes.

What to do next

Now you can exchange signer certificates with other server communities.