Certificate path validation error on Spark

Hi folks,
May be someone faced the same issue that i have here. i have just generated a certificate from letsencrypt and from the logs below looks like it has been installed as well.

Now when i try from my Spark client it gives me an error “certificate path validation failed”. I am using security option (*if possible) it was working fine before the installation of my certificate :wink:

2022.06.26 15:34:36 INFO [pool-701-thread-1]: org.jivesoftware.openfire.keystore.IdentityStore - Installed a new private key and corresponding certificate chain.
2022.06.26 15:34:36 INFO [pool-25-thread-1]: org.jivesoftware.openfire.keystore.CertificateStoreWatcher - A file system change was detected. A(nother) certificate store that is backed by file ‘/opt/openfire/resources/security/keystore’ will be reloaded.
2022.06.26 15:34:36 INFO [pool-25-thread-1]: org.jivesoftware.openfire.spi.ConnectionListener[socket_c2s] - Reconfigured.
2022.06.26 15:34:36 INFO [pool-25-thread-1]: org.jivesoftware.openfire.spi.ConnectionListener[socket_c2s-legacyMode] - Reconfigured.
2022.06.26 15:34:36 INFO [pool-25-thread-1]: org.jivesoftware.openfire.spi.ConnectionListener[socket_s2s] - Reconfigured.
2022.06.26 15:34:36 INFO [pool-25-thread-1]: org.jivesoftware.openfire.spi.ConnectionListener[component] - Reconfigured.
2022.06.26 15:34:36 INFO [pool-701-thread-1]: org.igniterealtime.openfire.plugins.certificatemanager.DirectoryWatcher - Hot-deployment of certificate and private key was successful.
2022.06.26 15:34:36 INFO [pool-25-thread-1]: org.jivesoftware.openfire.spi.ConnectionListener[component-legacyMode] - Reconfigured.
2022.06.26 15:34:36 INFO [pool-25-thread-1]: org.jivesoftware.openfire.spi.ConnectionListener[connection_manager] - Reconfigured.
2022.06.26 15:34:36 INFO [pool-25-thread-1]: org.jivesoftware.openfire.spi.ConnectionListener[connection_manager-legacyMode] - Reconfigured.
2022.06.26 15:34:36 INFO [pool-25-thread-1]: org.jivesoftware.openfire.http.HttpSessionManager - Stopping instance
2022.06.26 15:34:36 INFO [pool-25-thread-1]: org.jivesoftware.openfire.http.HttpBindManager - HTTP bind service stopped
2022.06.26 15:34:36 INFO [pool-25-thread-1]: org.jivesoftware.openfire.spi.EncryptionArtifactFactory - Creating new SslContextFactory instance
2022.06.26 15:34:36 INFO [pool-25-thread-1]: org.jivesoftware.openfire.http.HttpBindManager - Installed response compression filter
2022.06.26 15:34:36 INFO [pool-25-thread-1]: org.jivesoftware.openfire.http.HttpSessionManager - Starting instance
2022.06.26 15:34:36 INFO [pool-25-thread-1]: org.jivesoftware.openfire.http.HttpBindManager - HTTP bind service started

whats the full error you get in spark?

just tested this. I think this issue is with OCSP. Can you try the following
On the login screen on spark, select “advanced” then select the “certificates” tab at the top. Next UNCHECK “check OCSP”, and click ok. Try connecting.

Thank you speedy. I got it working now. By the way i am running 4.2.2 version. is there anyway to upgrade this directly or i have to download the latest rpm ?


what was the resolution in your case?
to upgrade, you’ll need to download the latest rpm

Next UNCHECK “check OCSP”

ok cool i will upgrade.

fyi. did a quick test. reloaded lets encrypt cert only (not the full chain), and OCSP worked as expected.

Hi Speedy i have just updated to the latest version. Yes you are right i tried to check/uncheck both options are working now. Not sure why it did not work for the older version.