AnsweredAssumed Answered

Import SSL certificate in Openfire running on Windows Server 2008

Question asked by umerjafer on Dec 11, 2012
Latest reply on Jan 8, 2014 by julienv

I am running an Openfire server on Windows Server 2008 and need to import a SSL certificate on the server. The certificate which I need to import is already configured on a domain on IIS. The certificate which I am using is provided by Go Daddy. The first major issue which I have faced while importing is the Private Key and Certificate file not being available separately. The reason behind this is that the private key is not returned to the user while creating a CSR with the IIS. To extract the private key I need to export the certificate and then convert it into PEM format which contains both the private key and the certificate but this solution is not that much useable as I explain below.


I have tried various methods but I have had no success.


First I have tried following the SSL Guide provided by Openfire on the following URL: e.html


I was able to successfully import a certificate using the above guide. After that I restarted the server and checked the Server certificates in the Openfire Admin Panel but I got the following error:


Unable to access certificate store.  The keystore may be corrupt.


Later on I realized that the error was due to the fact that the certificate which I imported did not have private key with it.


Then I did some more research and went through the following post:


This guide had a specific step 4a which was relevant to my situation. It informed me to use OpenSSL to convert the PFX file to PEM and then use the import-certificate.jsp page to import the certificate. I provided the relative informatoin after extratcting it from the PEM file but I got the following error:


There was an error one importing private key and signed certificate.


I searched the above error online but did not find anything specific which could pin point to what the problem is. Right now I am stuck for the past 1 week on this and have not found anything which could give me an exact answer to where I am going wrong. Any help would be great. Thanks in advance.