Skip to main content

Adding a pem file to secure ejabbered on the server for chat connection.

Getting the pem file

I downloaded the pem file through Plesk (v17.8.11) under the SSL/TLS Certificates area.  Locate the certificate that you want to use and click the green arrow which when hovering will day download all certificate components.

Location of the pem file on the server

I added the pem to one level below the root level of the website in a directory of your choice... such as (certificates, pemfiles, etc).  So for instance /var/www/vhosts/example.com/pemfiles

Letting ejabbered know where to find the pem file

The directory that you want to locate is ejabbered in the etc directory.  Our set up had it located in

/usr/local/etc/ejabberd

Then vim the file ejabberd.yml.  To vim a file - use the vi command

vi ejabberd.yml

In this file, scroll down until you listen: followed by a series of port numbers

listen:
  -
    port: 5222
    ip: "your ip"
    module: ejabberd_c2s
    certfile: "/var/www/vhosts/example.com/pemfiles/examplecerts.pem"
    max_stanza_size: 262144
    shaper: c2s_shaper
    access: c2s
    starttls_required: true
  -
    port: 5280
    module: ejabberd_http
    web_admin: true
    certfile: "/var/www/vhosts/example.com/pemfiles/examplecerts.pem"
  -
    port: 5282
    ip: "your ip"
    module: ejabberd_http
    certfile: "/var/www/vhosts/example.com/pemfiles/examplecerts.pem"
    tls: true
    web_admin: true

Change the certfile to point to the location of the pem file.  Once the changes have been made, remember to write the file before closing.  For example, {esc}:wq  However, if you are unsure of the change and don't want to save then {esc}:q

Test your connection can see the pem file and you're done.