Plain and simple.
I was following this thread
Using cert in Openfire (XMPP-Server) - Let’s Encrypt Community Support
And the reply from Hostmaster said the following:
Recreated a cert that covers alpha.chat.company.org (the openfire server’s FQDN) as well as company.org (the XMPP domain) and the certificate installed.
The workaround for me was to temporarily edit my Openfire server properties to set the value of xmpp.domain to the FQDN of the server AND THEN RESTART OPENFIRE (!).
Then import the cert. It will now pass validation and go live. Now change the value of xmpp.domain back and restart openfire again. All working now and my clients seem to connect securely. I do notice that s2s connections to some services i.e. gmail.com are not secured. And xabber.de seem to not talk to our server anymore. Maybe they don’t recognize letsencrypt yet.
Well I changed the value of the xmpp domain and restarted the server. Then I couldn’t log back in due to the server using LDAP for the admin users. I don’t know of any built in users. Is there a way to change this back via shell to get this back up and running without running through setup again?
installed on CentOS6.8
EDIT: I gave up and went through the setup again with LDAP. seems to be back up. Still having the issue where when trying to import certificates, it says it is not valid for this domain.