Creating an Approved Federation Domain List | Apple Mac OS guide

By default, iChat selects a port using a preinstalled, self-signed SSL certificate. You can select your own certificate. The selected certificate is used for client-to-server communications on ports 5222 and 5223 and for server-to-server communications.

Jabber provides the following ports:

Â5222 accepts TLS encryption

Â5223 accepts SSL encryption

SSL encrypts your chat message over the network between client-to-server and server- to-server connections. However, if your iChat server is logging chat messages, your messages are stored in a unencrypted format that can be easily viewed by your server administrator. For information about message logging, see “Configuring Logging Settings” on page 21.

To select a certificate:

1Open Server Admin and connect to the server.

2Click the triangle to the left of the server. The list of services appears.

3From the expanded Servers list, select iChat.

4Click Settings, then click General.

5From the SSL Certificate pop-up menu, choose an SSL certificate. The menu lists all SSL certificates that are installed on the server.

To create or add certificates, choose Manage Certificates from the SSL Certificate pop- up menu.

For more information about creating and managing server certificates, see Server Administration.

6Click Save.

Creating an Approved Federation Domain List

Server Admin offers the option of configuring an approved list of domains for S2S communication, where only host names and domains that are listed can communicate with your server. This is called a federation domain list.

To create a federation domain list:

1Open Server Admin and connect to the server.

2Click the triangle to the left of the server. The list of services appears.

3From the expanded Servers list, select iChat.

4Click Settings, then click General.

Chapter 3 Setting Up Advanced iChat Service Configurations

29

Image 29

Apple Mac OS Creating an Approved Federation Domain List, To select a certificate, To create a federation domain list

Contents

Mac OS X Server 019-0939/2007-09-01 Contents Integrating with Directory Services Setting Up S2S CommunicationSetting the iChat Authentication Method Setting Up iChat on Virtually Hosted Domains What’s New in Version About This Guide To get help for an advanced configuration of Leopard Server Using Onscreen HelpWhat’s in this Guide To see the most recent server help topics This guide Tells you how to Advanced Server Administration Guides User Management Getting Additional Information Getting Documentation Updates Preface About This Guide How iChat Works Understanding iChat Service How iChat Users Are Authenticated Using iChat in Large Organizations Using iChat in Small to Medium Organizations Tools for Managing iChat Server Admin Workgroup Manager Command-Line Tools Understanding iChat Service Using Other Chat Applications ServiceUnderstanding iChat Screen Names Adding an Account to iChat Configuring and Starting Open Directory Setup Overview Turning iChat Service On Opening Firewall Ports for iChat ServiceSetting up iChat To turn iChat service on To configure iChat General settings Configuring General Settings Starting iChat Configuring Logging SettingsTo set up iChat to log chat sessions Setting Sacl Permissions for Users and Groups Setting Access Control for iChatTo start iChat service Managing iChat To set administrator Sacl permissions for iChat Setting Sacl Permissions for AdministratorsUsing SSL for iChat To identify an SSL certificate for use by iChat Locating iChat Configuration Files Stopping iChat Viewing iChat LogsTurning Auto-Buddy Support On Setting Up and Managing iChat Service Linking Multiple Chat Servers S2S Setting Up Advanced iChat Service ConfigurationsSetting Up S2S Communication Securing S2S Connections Using Certificates to Secure S2S CommunicationTo enable or disable S2S communication To create a federation domain list Creating an Approved Federation Domain ListTo select a certificate To select an authentication method Integrating with Directory ServicesSetting the iChat Authentication Method To configure iChat on a virtually hosted domain Setting Up iChat on Virtually Hosted Domains Setting Up Advanced iChat Service Configurations Apple Filing Protocol See AFP Glossary Domain name See DNS name Domain Name System See DNS Internet Protocol See IP File Transfer Protocol See FTPHome directory See home folder Network File System See NFS Line Printer Remote See LPR Oplocks See opportunistic locking QuickTime Streaming Server See Qtss User Datagram Protocol See UDP User ID See UID Transmission Control Protocol See TCP Glossary Index Index