Installing ssl certs and key from the XMPP Federation. on windows

Bruce4 · August 1, 2007, 4:22am

Hello I have just got my ssl certs and key from the XMPP Federation. dig. signed and am trying to install them on windows xp and Openfire.I can only fined instruction for linux as to how to install them.Where mite I find instructions

for windows install or the how to.

bruce

Alex_Lane · August 1, 2007, 5:49am

Assuming you have a relatively recent revision of openfire server, you can delete your existing certs in the web interface. Then you can access an unpublished URL (still in beta), to import new certs here:

https://[Your OpenFire Server URL]:9091/import-certificate.jsp

or unsecure:

http://[Your OpenFire Server URL]:9090/import-certificate.jsp

IMHO it won’'t matter if the server runs on Linux or Windows as this functionality is part of Openfire itself.

Bruce4 · August 1, 2007, 6:30am

yes latest download of openfire about 1.5 weeks into the server build.Thanks for the info I shall try that out

Bruce

Message was edited by: Bruce00

Bruce4 · August 1, 2007, 7:08am

no would not import got this message

There was an error one importing private key and signed certificate. Error message: problem creating RSA private key: java.io.IOException: unknown encryption with private key

Alex_Lane · August 1, 2007, 7:26am

That’'s probably because the XMPP Fed cert. is AES encrypted.

You need to manually decrypt the private key before the import tool can import it.

If you have access to a Linux machine, you can decrypt it there, otherwise you need to somehow install openssl on windows to decrypt your private key.

When you open the undocumented page that contains the import tool, it should give you some indication of this.

Mine says: "Use the form below to import a private key and certificate that was provided by a Certificate Authority. At this moment private keys encrypted with an AES algorithm cannot be imported. You will need to decrypt them before importing them. However, DES encrypted keys can be safely imported. To decrypt a private key file execute the following command: “openssl rsa -in ssl.key -out decryptedssl.key”.

Message was edited by: centrex

Bruce4 · August 1, 2007, 9:56am

no Linux I have been trying with my Apache2 openssl but every time I get to the the enter the pass phrase the command thingy just blinks and wont let me enter not a letter not a thingy!!! that command thingy just keep on blinking at me wile I sit hear frustrated such a simple thing and am stuck because of this command thingy just blinking at me!!! still have not got the bugs out of my Apache2 ssl session catch!!! windows thingy!!

Bruce