I've tried to install a Startcom cert and can't get it to work.  I've followed the instructions given here:

http://www.igniterealtime.org/builds/openfire/docs/latest/documentation/ssl-guid e.html

I have added the root and intermediate certs to the OpenFire truststore and keystore ("ca-bundle.crt" from http://www.startssl.com/certs/) using keytool.  And I have added my signed cert to the keystore.  When I go to my admin page->Server Settings->Server Certificates, I see the following error:

Exception:

java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
     at org.bouncycastle.jce.provider.JDKDigestSignature.engineInitSign(Unknown Source)

When I try to use the /import-certificates.jsp page, I get this error:

     There was an error one importing private key and signed certificate.

I tried to use the external KeyStoreImport Java tool referenced in the following two threads:

http://www.igniterealtime.org/community/thread/26281

http://www.igniterealtime.org/community/thread/32251

and see this error when I run it:

java.security.cert.CertificateParsingException: signed fields invalid
at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1716)

I don't know what else to try at this point.  I'd greatly appreciate any help.