powered by Jive Software

Letsencrypt SSL Certificate Setup

I’m trying to set up OpenFire to use a letsencrypt certificate. I have gone to the TLS menu, clicked on one of the “manage store contents” (as far as I can tell, they are all identical stores?), used the import link, and copied and pasted the letsencrypt cert and key file contents into the respective fields. However, when I try to connect with Spark, I still get “Unable to verify certificate” when trying to connect unless I turn on “accept all certificates”.

A couple things to note:

  • It’s definitely made a difference as the self signed certificates required also disabling the hostname match on the certificate
  • In the openfire identity store setup, I can’t seem to change the dsa key to be verified against a CA?

I figured it out via this post: Apple Open Directory lessons 10.6

Bascially, you paste in the private key and the cert as expected, but you also have to paste in the chain IMMEDIATELY following the cert, in the same text field.

Open fire should really have another entry field for the chain. This would practically be obvious then.