I can get RSA SSL to work in Openfire when the xmpp.domain and the xmpp.fqdn are the same as my Godaddy public hosted domain. SSL starts successfully and my Spark clients connect successfully. However whenever the xmpp.domain and the xmpp.fqdn are using my local Active Directory domain realm and then recreate the certificate request, the new certificate from Godaddy will not work.
The problem is that I must use the local realm domain name for my xmpp.domain and xmpp.fqdn fields for Single Sign-on to work. So the problem I am having is that I cannot get SSO and SSL working at the same time when my local domain and public domain with Godaddy have different names. For example if my local domain is example.local and my Openfire server’s fully qualified domain name is chat.example.local, and my Godaddy public domain is example.gov with the Godaddy certificate common name as chat.example.gov then SSL will not work.
I have been troubleshooting this for weeks and I cannot seem to find a work around. The only other thing I can think of is to rename my local Active Directory domain name to match the name of my public domain name. Do I really need to change my local domain name to match my public domain name to get SSL and SSO working together at the same time?