Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[Contrail] Configuring Transport Layer Security-Based XMPP

0

0

Article ID: KB32930 KB Last Updated: 15 Oct 2018Version: 1.0
Summary:
From Contrail 3.0, Transport Layer Security (TLS)-based XMPP can be used to secure all Extensible Messaging and Presence Protocol (XMPP)-based communication.
We will discuss about securing the XMPP messages between the contrail control and the compute nodes.
Solution:

Configuring Control Node for XMPP Server

To enable secure XMPP, the following parameters are configured at the XMPP server. On the control node, enable the parameters in the configuration file: 

/etc/contrail/contrail-control.conf.

xmpp_server_cert=/etc/contrail/ssl/certs/server.pem
xmpp_server_key=/etc/contrail/ssl/private/server-privkey.pem
xmpp_ca_cert=/etc/contrail/ssl/certs/ca-cert.pem
xmpp_auth_enable=true


Configuring Compute Node for XMPP Client

To enable secure XMPP, the following parameters are configured at the XMPP client.On the compute node, enable the parameters in the configuration file:

/etc/contrail/contrail-vrouter-agent.conf

xmpp_server_cert​=/etc/contrail/ssl/certs/server.pem
xmpp_server_key​=/etc/contrail/ssl/private/server-privkey.pem
xmpp_ca_cert​=/etc/contrail/ssl/certs/ca-cert.pem
xmpp_auth_enable=true ​

Once the aforementioned changes are completed on the appropriate .conf files, restart contrail-control service on the control node and the contrail-vrouter-agent on the compute node.

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search