Openfire 3.9.3: Import Certificates error

Hello at all!

I’ve big problems with the current release of Openfire. It will not accept signed certificates by cacert.org anymore. It worked in older versions via the webinterface, but now i just get a meaningsless errormessage.

I’ve even imported the certificate via the keytool into the keystore: No success.

The first certificate is for the domain xmpp..net. It was signed by cacert.org too and imported without problems in an older version of Openfire (i don’t remember which it was anymore). It’s an rsa alghorythm. 4096 Bit. Generated by OpenSSL.

Because cacert.org doesn’t accept certificate requests with dsa alghorythm in fact of heacy security problems, i wanted to replace the self signed certifacet from Openfire with another one for the domain *.xmpp..net.

I’ve tried for days now, read through the community, googled for similar problems: But everytime there’s only the hint “use keytool for import” “install java jce”. But none of these works.

What’s the problem with Openfire in this case? How about implementing this feature with an easy ability to POINT DIRECT to the certificates in real folders like Apache, TeamSpeak, FileZilla and a lot of other web applications do it? Is it an Java-Designproblem?

I wish I knew why openfire was also so incredibly complicated to get working with properly signed certificates, it’s absolutely ridiculous we have spent 3 weeks on ours and made very little progress on getting things working, I posted on here too but I honestly am doubting if my question will even get answered.

I think we should combine these two threads together: Help, installing openfire SSL certificates fails

Hi,

I’ve just spent all day on this, I’ve just posted a big howto here, it’s just waiting for moderation approval: HOWTO: Import a signed SSL certificate into Openfire