Connecting users by domain name from the internal network

OS: Windows. An internal Openfire server is currently running with the XMPP name and FQDN set to “local-ip-address” and a self-signed certificate. Users connect to the server by “local-ip-address”. It also became necessary to connect to it from the Internet. When Openfire is reconfigured with the domain name as the XMPP name and FQDN and an SSL certificate from Let’s Encrypt, and I then open port 5222, users connect by domain name from the external network and everything is OK. But now they can’t connect from the internal network by domain name: the connection is refused. If they connect by “local-ip-address”, they get a certificate error. What else do I need to do so that local users can connect to Openfire by domain name? Is it really necessary to register the IP address forwarding in the “hosts” file on all client PCs?

This is more of a networking question than an Openfire question. The best solution is to configure your network stack to have the XMPP domain name resolve to the correct IP address for the Openfire server. Doing that through hosts file modifications is one way, but you can typically do that in a more central place too (like in DNS settings).

Most clients will also allow you to override the hostname or IP address of a particular XMPP domain name - but that’s not much better than modifying hosts files.
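
One way to check the advice above from an internal Windows client, as an added example that is not part of the original thread: it compares what the DNS server answers for the XMPP domain name with what the client actually resolves (hosts file included), then tests port 5222 by name. `chat.example.com` and `192.168.1.10` are placeholder assumptions for the domain name and the Openfire server's LAN address.

```powershell
# Run on an internal Windows client. The two values below are placeholders
# (assumptions for this example), not values from the thread.
$XmppDomain = 'chat.example.com'   # domain name configured in Openfire
$InternalIp = '192.168.1.10'       # LAN address of the Openfire server
$ClientPort = 5222                 # client port mentioned in the question

# What the DNS server answers, ignoring any local hosts-file entry.
$dnsIps = @(Resolve-DnsName -Name $XmppDomain -Type A -NoHostsFile -ErrorAction SilentlyContinue |
    Where-Object { $_.Type -eq 'A' } | ForEach-Object { $_.IPAddress })

# What this client actually uses (system resolver, hosts file included).
try {
    $effectiveIps = @([System.Net.Dns]::GetHostAddresses($XmppDomain) |
        ForEach-Object { $_.IPAddressToString })
} catch {
    $effectiveIps = @()
}

"DNS answer       : $($dnsIps -join ', ')"
"Client resolves  : $($effectiveIps -join ', ')"

if ($effectiveIps.Count -eq 0) {
    "FAIL: $XmppDomain does not resolve on this client."
} elseif ($effectiveIps -notcontains $InternalIp) {
    "FAIL: $XmppDomain does not resolve to $InternalIp here; add an internal DNS record (or a hosts entry) for it."
} elseif ($dnsIps -notcontains $InternalIp) {
    "NOTE: only the hosts file maps $XmppDomain to $InternalIp; other PCs still need the DNS record."
} else {
    "OK: internal DNS maps $XmppDomain to $InternalIp."
}

# Reachability of the client port by name, as an XMPP client would connect.
$reachable = Test-NetConnection -ComputerName $XmppDomain -Port $ClientPort `
    -InformationLevel Quiet -WarningAction SilentlyContinue
"TCP $ClientPort to ${XmppDomain}: $(if ($reachable) { 'open' } else { 'refused or unreachable' })"
```

An "OK" result together with an open port means clients connect by the same name the Let’s Encrypt certificate was issued for, so the certificate error seen when connecting by IP address does not arise.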