1 Reply Latest reply on Nov 6, 2014 9:05 AM by John Jones

    Another wildcard SSL refugee

    John Jones



      We have an  Openfire 3.7.0 server on CentOS release 6.4 x86_64 and the following





      java version 1.7.0_25


      I have these Ignite resources that I have been pouring over:

      SSL Guide

      How do I install a wildcard SSL certificate?

      How to sucessfully import an existing StartSSL Cert & Key (Linux)

      Import SSL Key and Certificate

      Using Signed SSL Certificates in Openfire

      ImportKey.class and ImportKey.java instructions


      I have these non-Ignire resources that I have been pouring over:

      Openfire and SSL/TLS Certificates - bigdinosaur.org

      Securing Openfire Clients - bigdinosaur.org

      Import private key and certificate into Java Key Store (JKS) -AgentBob


      I have managed to get the domain_com_ee.crt  and intermediate.crt into OpenFire 3.7.0 as a GeoTrust Certificate.

      but the client reports "errors" using their custom Spark Client. He didn't specify the nature of the "error" but I suspect that the client app simply needed to accept the "new" certificate.

      When this occured, I noticed that a native Spark 2.6.3 client in Windows could not login with "Bad username, or password" message. Ports 5222 and 5223 both tried with the same result.


      What must I do to get our wildcard RapidSSL certificate into openfire and the APNS certificate?

      Will the clients' app need to accept the new certificate, as I suspect?

      Will the clients' app need to be recompiled after coding it to use port 5223?


      For the past 2 days, I have been working through CoolCat's post here... but it's 7 years old.


      Thank you for your time.