TLS support was added to Instant Messaging in the previous release; however, the Sun Java System Instant Messaging 7 2006Q1 Administration Guide did not adequately cover instructions for setting up TLS. TLS is used for communication between the server and clients, other servers, and Instant Messaging components such as the XMPP/HTTP Gateway. Legacy SSL is still supported for communication between clients and the multiplexor. Legacy SSL is no longer supported by the server and is not supported by the gateway. The Sun Java System Instant Messaging 7.2 Administration Guide now provides detailed information about setting up security for your deployment.
As a result of the implementation of TLS in Instant Messaging, you are no longer prompted to enter an SSL port for the server when you run configure.
The following iim.conf parameters are no longer used:
iim_server.sslport – No separate port is required for TLS connections.
iim_server.usesslport – No separate SSL port.
iim_server.secconfigdir – No longer have NSS key and certificate database for the server.
iim_server.keydbprefix – No longer have NSS key and certificate database for the server.
iim_server.certdbprefix – No longer have NSS key and certificate database for the server.
iim_server.coserver1.usessl – This has been replaced with iim_server.coserver1.requiressl.
The following iim.conf parameters are new for this release:
iim_server.requiressl
iim_server.sslkeystore
iim_server.coserver1.requiressl
Refer to the Sun Java System Instant Messaging 7.2 Administration Guide for information about using these parameters.
The Instant Messenger client uses imssl.html and imssl.jnlp only for legacy SSL connections. Instant Messenger supports TLS automatically when it connects to a server that is configured to use TLS.