PKIX over Secure HTTP (POSH) describes a method of securely delegating a domain to a hosting provider, without that hosting provider needing keys and certificates covering the hosted domain.
This module performs POSH validation of other servers. It is not needed to delegate your own domain.
You can generate the JSON delegation file from a certificate by
running prosodyctl mod_s2s_auth_posh /path/to/example.crt
.
This file needs to be served at
https://example.com/.well-known/posh/xmpp-server.json
.
With the plugin installer in Prosody 0.12 you can use:
sudo prosodyctl install --server=https://modules.prosody.im/rocks/ mod_s2s_auth_posh
For earlier versions see the documentation for installing 3rd party modules