Hi,
Openfire 3.6, OpenLDAP auth, on CentOS 5.2 x86_64
I have a working setup but I have a problem in understanding how to name my certificate:
servername:
certificate view in the admin console:
1. *.talk.example.com (talk.example.com_dsa) | Aug 8, 2013 | Self signed | DSA
2. talk.example.com (importkey) | Aug 29, 2010 | Pending Verification | RSA
I don’t know why I have two certs here. It was quite a struggle to import the cert into the keystore, by the way. Should I remove one of them?
DNS SRV Record (bind9):
_xmpp-server._tcp.example.com. 86400 IN SRV 10 0 5269 talk.example.com.
_xmpp-client._tcp.example.com. 86400 IN SRV 10 0 5222 talk.example.com.
Client (Adium on Mac OS X, but it should not really matter) configuration:
username: user@example.com
As I am using DNS SRV records I don’t need to specify a server name (right?). I need strict cert checking to be enabled.
And here is my problem: when I connect, the client says:
“This certificate is not valid (host name mismatch)”.
As I don’t want to tell my users to ignore such a message, how should I rename my server or my cert to bypass this problem?
I’ve tried to rename the server to just example.com but then I cannot log in to the admin console.
Also, is it normal that connected users appear as user@talk.example.com instead of user@example.com?
And when I try a file transfer, the transfer is directed to user@talk.example.com instead of user@example.com. I think my Openfire is messing with the user name’s domain: I can log in with user@example but for Openfire it is user@talk.example and everything breaks after this.
Thanks a lot for any help.
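
Added example, not part of the original post: a client doing strict checking compares the certificate's names against the domain part of the JID (RFC 6120), not against the SRV target host it connects to. The sketch below runs that comparison on the hostnames quoted in the post; the function names and the third certificate entry are hypothetical.

```python
# Added illustration, not code from Openfire or Adium.
# Sample values are constructed from the hostnames quoted in the post.

def dns_name_matches(presented, reference):
    """RFC 6125-style match: '*' is only honoured as the complete
    left-most label and stands for exactly one label."""
    p = presented.lower().rstrip(".").split(".")
    r = reference.lower().rstrip(".").split(".")
    if len(p) != len(r):
        return False
    if p[0] == "*":
        return p[1:] == r[1:]
    return p == r


def check_xmpp_cert(jid, srv_target, cert_names):
    """Report whether a certificate is acceptable for the JID's domain.

    The reference identifier is the JID domain part; the SRV target only
    tells the client where to open the TCP connection.
    """
    domain = jid.split("/", 1)[0].rsplit("@", 1)[-1]
    valid = any(dns_name_matches(n, domain) for n in cert_names)
    target_only = not valid and any(
        dns_name_matches(n, srv_target) for n in cert_names
    )
    return {"reference": domain, "valid": valid,
            "matches_srv_target_only": target_only}


JID = "user@example.com"
SRV_TARGET = "talk.example.com"
CERTS = {
    "talk.example.com_dsa": ["*.talk.example.com"],  # from the post
    "importkey": ["talk.example.com"],               # from the post
    "hypothetical_fix": ["example.com"],             # assumed, not in the post
}


def report():
    """Evaluate every sample certificate against the JID domain."""
    return {alias: check_xmpp_cert(JID, SRV_TARGET, names)
            for alias, names in CERTS.items()}


if __name__ == "__main__":
    for alias, result in report().items():
        print(alias, result)
```

Neither certificate from the post names example.com, and the wildcard entry does not cover talk.example.com itself, since the wildcard stands for one additional label.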