Hi,
I started to use Prosody as XMPP server for some testing and was able
to get it running with Pidgin client. I verified it works with someone
using (I think) ejabber server. For this I created Let's Encrypt
certificate for my test domain.
Now I would like to move a bit toward service deployment. For this
purpose I like to see possibility to serve several domains with one
Prosody instance. Question is, how should I create certificate for this
scenario.
In my config file, I commented out default
VirtualHost "localhost"
line and added my test domain like this:
VirtualHost "
xm1.dino.sk"
ssl =
{ certificate = "certs/xm1.dino.sk.fullchain.cer";
key = "certs/xm1.dino.sk.key";
}
Certificate was created using acme.sh with command
acme.sh --issue --standalone --domain
xm1.dino.sk
Now, how can I serve several domains? I can use maybe
xm1.dino.sk and
xm2.dino.sk by adding similar definition for VirtualHost, but what
about certificates? Can I use one certificate per domain or should I
use one certificate with more SAN? I have no XMPP protocol knowledge
yet, so I have no idea whether it is possible to use Different
certificate for domains run by the same Prosody instance using one IP,
thus the question.
Rgeards,
Milan