Creating an approved federation domain list – Apple Mac OS User Manual

Chapter 3

Setting Up Advanced iChat Service Configurations

29

By default, iChat selects a port using a preinstalled, self-signed SSL certificate. You can
select your own certificate. The selected certificate is used for client-to-server
communications on ports 5222 and 5223 and for server-to-server communications.

Jabber provides the following ports:

 5222 accepts TLS encryption
 5223 accepts SSL encryption

SSL encrypts your chat message over the network between client-to-server and server-
to-server connections. However, if your iChat server is logging chat messages, your
messages are stored in a unencrypted format that can be easily viewed by your server
administrator. For information about message logging, see “Configuring Logging
Settings” on page 21.

To select a certificate:

1

Open Server Admin and connect to the server.

2

Click the triangle to the left of the server.

The list of services appears.

3

From the expanded Servers list, select iChat.

4

Click Settings, then click General.

5

From the SSL Certificate pop-up menu, choose an SSL certificate.

The menu lists all SSL certificates that are installed on the server.

To create or add certificates, choose Manage Certificates from the SSL Certificate pop-
up menu.

For more information about creating and managing server certificates, see Server
Administration.

6

Click Save.

Creating an Approved Federation Domain List

Server Admin offers the option of configuring an approved list of domains for S2S
communication, where only host names and domains that are listed can communicate
with your server. This is called a federation domain list.

To create a federation domain list:

1

Open Server Admin and connect to the server.

2

Click the triangle to the left of the server.

The list of services appears.

3

From the expanded Servers list, select iChat.

4

Click Settings, then click General.