powered by Jive Software

Installing a signed CA SSL certificate

I am using openfire 3.6.3 on a ubuntu server. I have a signed CA certificate and installed it in openfire. I’ve created the private key and csr through ssh openssl. Has anyone had any luck installed ssl certificate.

has anyone found a solution? I have trying everthing and it is not working. Please please let me know what worked for you. I am using 3.6.3 openfire on a ubuntu server.

Hi ,

I think you must take a look at how java deal with certificates.

Here is the detais for how to install certificate on a java based webServer (in our case Jetty on openfire):

In your Account Manager at Register.com you will find the following files for download:

  • certificate.crt (that is your end user certificate)
  • intermediary_certificate_2.crt (that is the Intermediary Register.com Certificate)
  • intermediary_certificate_1.crt (that is an additional Intermediary certificate to ensure ubiquity)
  • root_certificate.crt (that is the root certificate

Note: Please replace the example keystore name used below ‘domain.key’ with your real keystore name.

  1. Download your Certificate files from your to the directory where you will keep your certificate and key files.

The four certificates you downloaded must be installed to your keystore in the correct order for your Register.com certificate to be trusted. If the certificates are not installed in the correct order, then the certificate will not authenticate properly. Use keytool to install all three, as follows:

  1. Install the Root Certificate file (root_certificate.crt):
    Type the following command to install the certificate file:

keytool -import -trustcacerts -alias root -file root_certificate.crt -keystore your_domain.key

** Note: Choose ‘Yes’ if you get prompted with a message that says “Certificate already exists in system-wide CA keystore under alias Do you still want to add it to your own keystore? [no]:”

  1. Install the Intermediate Certificate files:
    Type the following command to install the certificate file:

keytool -import -trustcacerts -alias digicert -file intermediary_certificate_1.crt -keystore your_domain.key

  1. Install the second Intermediate Certificate files:
    Type the following command to install the certificate file:

keytool -import -trustcacerts -alias digicert -file intermediary_certificate_2.crt -keystore your_domain.key

  1. Install the Primary Certificate file:
    Type the following command to install the certificate file:

keytool -import -trustcacerts -alias server -file certificate.crt -keystore your_domain.key

You will be prompted for the password, which you chose when generating your CSR.

It will ask if you want to trust the certificate. Choose y or yes.

Where do I create the csr? I did it in openfire, copied rsa csr to register.com and the ssl has been approved. Tried copy certificate.crt ijn CSR reply and also root_certificate.crt in openfire and did not work. Of course 2 separarte times. This is driving me nuts. Yes it is a register.com ssl and I am not getting anywhere with it.

Please help. please.