powered by Jive Software

How to convert an SSL cert for Java/Openfire?

I have obtained an SSL certificate for my domain from CAcert. From what I understand about SSL, it’s in PEM format and contains the certificate and the private key in one file. I previously imported another SSL cert into Openfire using a Java tool called ImportKey. From my old script, it requires two files that I called key.der and cert.der to import the key. I have those files for the other certificate, but not for this one and I don’t know where I got them years ago. I only have one PEM file. ImportKey cannot handle that file. I can convert the file to DER format with openssl, but that’s only one file, not two. If I enter that file twice in ImportKey, it also fails:

java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException : DER input, Integer tag error

Now how am I supposed to import that dumb certificate into Java? What is the official working way to get this simple task done? I mean, for Apache and tons of other apps, I just give them the file path to the file containing key and cert in PEM format and It Just Works™. Why is everything so complicated with Java? Can anybody help me out?

Is it right that keystore management with a commandline tool is totally obsolete again and I should import SSL keys and certificates in the web admin console now? I found that option, used it and then deleted the default generated certificates, but it still warns me that something is missing and I should generate a new certificate. Why that again?