I use SSL certificate from sslforfree.com.
There should be 3 files.
1. certificate.crt
2. private.key
3. ca_bundle.crt
Step 1: import first 2 files via Openfire Admin console
Import Private Key and Certificate under TLS/SSL Certificates tab
Step 2: copy /opt/openfire/resources/security/keystore to desktop
Step 3: using http://keystore-explorer.sourceforge.net open keystore
password is changeit
Step 4: Append the file 3 (ca_bundle.crt) to certificate imported in step 1
Step 5: save the changes to keystore.
Step 8: move the updated keystoke to server /tmp
Step 6: Stop openfire
Step 7: replace /opt/openfire/resources/security/keystore with updated /tmp/keystore file.
(backup original just in case)
Step 8: Start openfire