0

I am going to use an SSL certificate on my chat application based on XMPP(ejabberd) which is hosted on an IP.

So, I will be using the IP as the common name when I am generating my SSL certificate. But the server that has everything hosted on it, refers to the IP using a hostname as abcd.yourserver.net.

Therefore, I am confused as to if I have to use the IP or this weird hostname while generating my SSL certificate and if in future I decide to use a domain name instead of the IP for my application, will I have to buy a new SSl certificate or can I regenerate the old one. Also, can I change the type like wilcard or single certificate?

P.S. I have never bought an SSL certificate, so forgive me if the question is newbish.

Mickaël Rémond
  • 9,035
  • 1
  • 24
  • 44
SuperNOVA
  • 721
  • 7
  • 15

1 Answers1

0

When generating an SSL certificate for an XMPP server, you have to use the domain name of your XMPP service.

Mickaël Rémond
  • 9,035
  • 1
  • 24
  • 44
  • The server hosts both the XMPP and the web services used, if that changes anything? – SuperNOVA Aug 31 '15 at 08:51
  • From XMPP point of view that does not change anything. Cert has to be for the XMPP domain (not necessarily the server name). – Mickaël Rémond Aug 31 '15 at 09:16
  • If I am using the IP, while connecting to the XMPP server(in the client) even then do I need a domain name? – SuperNOVA Aug 31 '15 at 09:26
  • Well, you cannot really create a certificate for an IP. You need a domain name, yes. – Mickaël Rémond Aug 31 '15 at 12:15
  • I found some answers on stackoverflow that suggest that it can be done. One among them: http://stackoverflow.com/questions/1095780/are-ssl-certificates-bound-to-the-servers-ip-address. So, I guess the major concern is that is it a necessity for the XMPP server itself? – SuperNOVA Aug 31 '15 at 12:27
  • Well, you can generated a self signed certificate for an IP address, but if you are planning to buy one, no certificate authority will deliver a certificate for an IP address. Moreover, it does not really make sense. – Mickaël Rémond Aug 31 '15 at 12:57