How to name the openfire server


I’m starting from scratch my Openfire again (third time…) before moving to another jabber server.

I want to use SRV DNS record so that my users can log in Openfire using their email address, like

And I also want Openfire to see my users as and not

In my DNS I have: 86400 IN SRV 10 0 5269 86400 IN SRV 10 0 5222 IN CNAME myserver.myinternaldomain.priv

I’m using a certificate signed with my corporate CA.

First question: What must be the CN of the cert

Second question: How should I name the Openfire server in the install process:


The problem is you are trying to do something that is not standard. You will have similar issue regardless of what XMPP server you choose. You are trying to configure the openfire server to use a naming structure usually meant for web servers. you will have to have your DNS server configured in such a way that points to a real server such as (or its IP address). Then you need to setup its SRV records like (I am guessing on these as i do not need them):

;; SRV
_xmpp-server._tcp 3600 IN SRV 10 0 5269
_xmpp-server._udp 3600 IN SRV 10 0 5269
_xmpp-client._tcp 3600 IN SRV 10 0 5222
_xmpp-client._udp 3600 IN SRV 10 0 5222
_jabber._tcp 3600 IN SRV 10 0 5269
_jabber._udp 3600 IN SRV 10 0 5269
_jabber-client._tcp 3600 IN SRV 10 0 5222
_jabber-client._udp 3600 IN SRV 10 0 5222

To have my openfire’s users authenticate themselves using instead of is not standard ?

And with the SRV they don’t even have to specify a server name. They just give their email address and the client found the good server with the SRV record. I can’t be the only one to try to achieve this ?

On your SRV’s examples, I think they miss the domain of validity for the service. Copied from wikipedia:

_Service._Proto.Name TTL Class SRV Priority Weight Port Target
**Name**: the domain name for which this record is valid.
example: 86400 IN SRV 0 5 5060

Sorry for my poor english.

No you are not the first and surely will not be the last, but yest this ins not standard. Standard is to give a server any server a name in DNS such as,, or What you are doing is forcing your client to resolve to your chat server. JID are like routing addresses for the clients. Some clients you need only enter the JID as, others ask for the information as separate items (like spark), where you enter a username and separate server address:


This is why it is not stadard practice to do what you are trying to do.