AnsweredAssumed Answered

Another wildcard SSL refugee

Question asked by John Jones on Aug 15, 2014
Latest reply on Nov 6, 2014 by John Jones



We have an  Openfire 3.7.0 server on CentOS release 6.4 x86_64 and the following





java version 1.7.0_25


I have these Ignite resources that I have been pouring over:

SSL Guide

How do I install a wildcard SSL certificate?

How to sucessfully import an existing StartSSL Cert & Key (Linux)

Import SSL Key and Certificate

Using Signed SSL Certificates in Openfire

ImportKey.class and instructions


I have these non-Ignire resources that I have been pouring over:

Openfire and SSL/TLS Certificates -

Securing Openfire Clients -

Import private key and certificate into Java Key Store (JKS) -AgentBob


I have managed to get the domain_com_ee.crt  and intermediate.crt into OpenFire 3.7.0 as a GeoTrust Certificate.

but the client reports "errors" using their custom Spark Client. He didn't specify the nature of the "error" but I suspect that the client app simply needed to accept the "new" certificate.

When this occured, I noticed that a native Spark 2.6.3 client in Windows could not login with "Bad username, or password" message. Ports 5222 and 5223 both tried with the same result.


What must I do to get our wildcard RapidSSL certificate into openfire and the APNS certificate?

Will the clients' app need to accept the new certificate, as I suspect?

Will the clients' app need to be recompiled after coding it to use port 5223?


For the past 2 days, I have been working through CoolCat's post here... but it's 7 years old.


Thank you for your time.