I’m trying to use the iChat (4.0.2 604) that comes with Leopard (OSX 10.5.2) to authenticate to my Openfire 3.4.5 server.
I have the server configured properly with a certificate signed by my CA, and have the certificate properly chaining. When I visit the admin web interface, I get no certificate errors in Safari ( I have the root CA in my system keychain). I can successfully authenticate with GSSAPI or a password from Adium, and get no certificate errors.
When I try to connect with iChat I get prompted for my password. However, I then receive an error that iChat can’t verify the identity of the server because the certificate was signed by an unknown certifying authority. If I click the show certificate button, it shows the certificate properly chained to the intermediate cert, then to the root cert, and the root cert is marked as trusted for all users.
If I click continue, I get prompted for my password again, then get the certificate error dialog again. Even if I check the box to trust the certificate, I continue getting cert errors.
Has anyone successfully gotten SSL/TLS to work between Leopard’s iChat and Openfire?