Use makecert for xmpp

beaglebone.txt

@@ -3958,15 +3958,9 @@ To set UK time within Irssi:
 Generate a SSL certificate.
 
 #+BEGIN_SRC: bash
-openssl genrsa -out /etc/ssl/private/xmpp.key 4096
+makecert xmpp
-openssl req -new -x509 -sha256 -key /etc/ssl/private/xmpp.key -out /etc/ssl/certs/xmpp.crt -days 3650
+chown prosody:prosody /etc/ssl/private/xmpp.key
-#+END_SRC
+chown prosody:prosody /etc/ssl/certs/xmpp.*
-
-Change permissions.
-
-#+BEGIN_SRC: bash
-chmod 600 /etc/ssl/private/xmpp.key
-chmod 600 /etc/ssl/certs/xmpp.crt
 #+END_SRC
 
 Install Prosody.
@@ -3987,6 +3981,7 @@ Set the ssl section to:
     ssl = {
         key = "/etc/ssl/private/xmpp.key";
         certificate = "/etc/ssl/certs/xmpp.crt";
+        dhparam = "/etc/ssl/certs/xmpp.dhparam";
     }
 #+END_SRC
 
@@ -7736,12 +7731,9 @@ Run *makecert <domain>* for each of your sites.
 Recreate the XMPP certificate:
 
 #+BEGIN_SRC: bash
-openssl genrsa -out /etc/ssl/private/xmpp.key 4096
+makecert xmpp
-openssl req -new -sha256 -x509 -key /etc/ssl/private/xmpp.key -out /etc/ssl/certs/xmpp.crt -days 3650
-chmod 600 /etc/ssl/private/xmpp.key
-chmod 600 /etc/ssl/certs/xmpp.crt
 chown prosody:prosody /etc/ssl/private/xmpp.key
-chown prosody:prosody /etc/ssl/certs/xmpp.crt
+chown prosody:prosody /etc/ssl/certs/xmpp.*
 #+END_SRC
 
 And regenerate the IRC server keys: