I have problems installing certificate for a server, using hotdeploy. The openfire log says:
2021.07.19 19:15:16 INFO [pool-5-thread-1]: org.jivesoftware.openfire.keystore.IdentityStore - The supplied certificate chain does not cover the domain of this XMPP service ('example.com'). Instead, it covers [autoconfig.example.com, autodiscover.example.com, mail.example.com]
I don’t understand, why the certificate should cover the domain, instead of the server?
The SRV records are pointing to the server, just as is the client configuration:
_xmpp-client._tcp.example.com. IN SRV 0 0 5222 mail.example.com. _xmpp-server._tcp.example.com. IN SRV 0 5 5269 mail.example.com.
mail.example.com should be just enough here.