1) el4 boxes do not have the /etc/pki dir. Fix:
ln -sf /usr/share/ssl/ /etc/pki/tls
The rpm defaults to using pam for authentication, and I was unable to get this to work, so I'm moving on to MySQL.
had to add mysql settings to /etc/jabberd/sm.xml and /etc/jabberd/c2s.xml
jabber is cryptic about settings. DNS resolution is CRITICAL, and it doesn't log anything useful when things break. With a sniffer I saw this:
service requested for unknown domain
After some poking I managed to figure out that the magical incantation it needed was that sm.xml, c2s.xml, and my client all had to use the same (resolvable) hostname. It defaults to localhost internally, which you'd think would work, but no. You've got to set that manually in the <id> field in sm.xml, c2s.xml. I reckon that this is the real reason PAM wasnt working too.