1 Reply Latest reply on Nov 6, 2014 9:05 AM by John Jones

    Another wildcard SSL refugee

    John Jones

      Hello:

       

      We have an  Openfire 3.7.0 server on CentOS release 6.4 x86_64 and the following

      domain_com_ee.crt

      intermediate.crt

      domain.key

      apns-production-cert.pem

      java version 1.7.0_25

       

      I have these Ignite resources that I have been pouring over:

      SSL Guide

      How do I install a wildcard SSL certificate?

      How to sucessfully import an existing StartSSL Cert & Key (Linux)

      Import SSL Key and Certificate

      Using Signed SSL Certificates in Openfire

      ImportKey.class and ImportKey.java instructions

       

      I have these non-Ignire resources that I have been pouring over:

      Openfire and SSL/TLS Certificates - bigdinosaur.org

      Securing Openfire Clients - bigdinosaur.org

      Import private key and certificate into Java Key Store (JKS) -AgentBob

       

      I have managed to get the domain_com_ee.crt  and intermediate.crt into OpenFire 3.7.0 as a GeoTrust Certificate.

      but the client reports "errors" using their custom Spark Client. He didn't specify the nature of the "error" but I suspect that the client app simply needed to accept the "new" certificate.

      When this occured, I noticed that a native Spark 2.6.3 client in Windows could not login with "Bad username, or password" message. Ports 5222 and 5223 both tried with the same result.

       

      What must I do to get our wildcard RapidSSL certificate into openfire and the APNS certificate?

      Will the clients' app need to accept the new certificate, as I suspect?

      Will the clients' app need to be recompiled after coding it to use port 5223?

       

      For the past 2 days, I have been working through CoolCat's post here... but it's 7 years old.

       

      Thank you for your time.