[Server-devel] question on SSL enabling ejabberd
Patrick Giagnocavo
patrick at zill.net
Tue Nov 25 15:17:32 EST 2008
Hi,
I am new to this, so forgive me if this has already been asked.
Has anyone compared, or looked at, the performance of ejabberd with its
builtin SSL/TLS support, versus using the "stunnel" program to run on
the port, acting as an SSL-encrypting proxy?
In such a case, you would configure stunnel to listen on the SSL port
(5223) and then pass the now-unencrypted data onto the ejabberd server.
E.g.
XO user <- Internet or LAN -> stunnel <--> ejabberd
You could thus either run stunnel on a separate machine, freeing up CPU
on the ejabberd server, or, run it on the same system, possibly reducing
the load should stunnel prove more efficient.
If no one has done this, I would offer to test it out, as I have
configured stunnel before (for a different situation).
Cordially
Patrick Giagnocavo
patrick at zill.net
More information about the Server-devel
mailing list