Openfire configuration


Is it possible to have all the openfire configuration written in the “openfire.xml” so that it is easy to reinstall ? All I can see in the openfire.xml is the DB configuration. I don’t see the LDAP configuration in the XML file.


I have the majority of it figured out by populating the database attributes at creation time. My last hold out is how to handle the authentication principals, such as the account and password for AD and account and password for the database connection.

Can we put the configuration on the “openfire.xml” file ?

The answer is yes and no. You can definitely put the configuration in the openfire.xml before first start and it will configure the server. Part of doing this is that it will move certain options into the database and remove them from openfire.xml. Personally, I have created a script to extract the information from the database and create the appropriate XML to insert into the openfire.xml. Admittedly, the configuration I am not using is not overly complicated, so YMMV. The last two oddities that I have is that it is not encrypting the LDAP information in the database and it is not creating the self signed certificate for the Admin console. These may, or may not be, important to you. It does appear to be creating one for it, but OpenFire is showing a name mismatch, so isn’t opening the port.

Hope you find this helpful.

Well actually my configuration is fairly simple. My main concern is the LDAP , admin users and database (which is already in the XML file) configuration. How do I put those in the XML file ? Do you have a sample ?

Well, it is fairly straight forward. You take the property name and use the "."s as delimiters for the XML. To give a specific example, the LDAP authentication properties are ldap.adminDN and ldap.adminPassword, so the XML becomes:

CN=accountName,OU=Some OU,DC=somedomain,DC=local


Did you ever resolve this issue. I am running into the same problem. ldap.adminPassword and ldap.adminDN are not being encrypted despite being included in security.xml.

I also tried “re-using” a postgres db dump after getting this fully configured and I believe the encryption key is randomized because I cannot rebuild using the db dump.