powered by Jive Software

New feature: Using Windows certificate stores in Openfire!

Openfire 4.4.2 brings a change that can be leveraged for a new kind of integration with Microsoft Windows.


Traditionally, Openfire ships with its own set of certificate stores. These are the repositories that hold various certificates, which are most commonly used to establish encrypted connections.

As of Openfire 4.4.2, you can now configure Openfire to make use of the certificate stores that are part of / managed by Microsoft Windows. Note that doing this currently allows for Openfire to make modifications to these stores! Some might consider this a bug, while others think it’s a feature.

To configure Openfire to make use of the Windows keystores, define these properties:

  • property name: xmpp.socket.ssl.trustStoreType value: Windows-ROOT
  • property name: xmpp.socket.ssl.identityStoreType value: Windows-MY
  • property name: xmpp.socket.ssl.client.trustStoreType value: Windows-ROOT
  • property name: xmpp.socket.ssl.client.identityStoreType value: Windows-MY

As the feature is new, we’d love your feedback and suggestions on this!