Certificate Authority.... Microsoft CA

Feel free to tell me to go away because this question is not necessarily about OpenFire but I am hoping someone here may know. Or at least the answer can help someone else with this problem.

We have our own CA here at work. It’s running on a Microsoft Windows 2003 server box. I filled out the certificate authority section in Openfire and received the two Cert requests. I put them into the Microsoft CA and issued a certificate. Now all I can do is right-click the certificate go to all tasks then export binary data which results in a .tmp file where I saved it.

Opening up the file shows binary data but NOT the normal “— BEGIN CERTIFICATE —” stuff I am used to. How can I convert this file to that format so I can paste the data into the openfire server?

Well, I’m answering my own question. Double-click the certificate within the CA. Choose the “Details” tab to view the certificate and click on “copy to file” choose the base64 encoding.

However, after doing this, interestingly enough, the admin console won’t accept the certificate. Not sure why. it fails saying i should verify the certificate belongs to the right request. I’ll do some more reading here I guess.

Any luck on this? I am seeing similar things with Openfire version 3.6.2 and windows 2003 r2 sp2. If someone can give me idiot proof directions on how to do certs with Openfire and Microsoft CA I would appreciate it.

Hi Thomas,

do you see errors or warning in the Openfire log files? There is also an issue with certificates which will be fixed in the next version: http://www.igniterealtime.org/issues/browse/JM-1503