Barton | 7 Nov 21:11 2011
Picon

Jabber.el and self-signed certificates

I'm using a small Prosody server with a self-signed certificate and in
my Emacs have:

(... (:port . 5222) (:connection-type . starttls)) in
jabber-account-list.

The connection fails with "STARTTLS negotiation failed", which I presume
is because it cannot verify the certificate.

Is it possible to have encryption using jabber.el and self-signed
certificates?

------------------------------------------------------------------------------
RSA(R) Conference 2012
Save $700 by Nov 18
Register now
http://p.sf.net/sfu/rsa-sfdev2dev1
Steve VanDevender | 7 Nov 22:01 2011

Jabber.el and self-signed certificates

Barton writes:
 > I'm using a small Prosody server with a self-signed certificate and in
 > my Emacs have:
 > 
 > (... (:port . 5222) (:connection-type . starttls)) in
 > jabber-account-list.
 > 
 > The connection fails with "STARTTLS negotiation failed", which I presume
 > is because it cannot verify the certificate.
 > 
 > Is it possible to have encryption using jabber.el and self-signed
 > certificates?

You may need to add options to the program specified by the Emacs
variable tls-program to allow it to continue even if it cannot verify
the offered certificate.  For example, it appears that
"gnutls-cli --insecure" would be needed if you want gnutls-cli to accept
a certificate it can't verify.

------------------------------------------------------------------------------
RSA(R) Conference 2012
Save $700 by Nov 18
Register now
http://p.sf.net/sfu/rsa-sfdev2dev1

Gmane