I have a domain name, which also has a SSL Certificate provided by Comodo Positive SSL, in conjunction with OpenSSL. Provided with it, were the following files.:
I personally, have also created a private key .pem file via openssl. I currently am trying to get these certificates to somehow work with openfire. I have been googling for about 5 hours now, and cannot seem to find a working tutorial. I have followed quite a few of them which walk through manually using keystore commands. The only issue with these tutorials, is that they completely kill my Openfire installation.
Whenever a keystore command, or rather, and truststore or keystore tampering occurs, my admin panel turns into this.
HTTP ERROR 500
Problem accessing /index.jsp. Reason:
org.apache.commons.httpclient.HttpClientError: java.io.IOException at org.jivesoftware.openfire.clearspace.SSLProtocolSocketFactory.createSSLContext( SSLProtocolSocketFactory.java:73) at org.jivesoftware.openfire.clearspace.SSLProtocolSocketFactory.getSSLContext(SSL ProtocolSocketFactory.java:79) at org.jivesoftware.openfire.clearspace.SSLProtocolSocketFactory.createSocket(SSLP rotocolSocketFactory.java:132) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDir ector.java:387) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirect or.java:171) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) at org.jivesoftware.util.HttpClientWithTimeoutFeedFetcher.retrieveFeed(HttpClientW ithTimeoutFeedFetcher.java:169)
(etc… I cut off the rest for the sake of avoiding a wall of text)
This is kind of annoying to find myself at since this error really, tells me nothing usefull. Perhaps someone else may find information from it, but a basic java.io.IOExeption is a pretty basic, non detailed error.
I have tried adding the certificates through the ‘web interface’ but have never had any luck with the 15 times I tried. It seems it either said it was a invalid private key (so I made a private key .pem) or that the certificate is wrong (which aparently was fixed by copying it from a different editor), to now saying that it could not read from the chain, or get a reply, (or something similar).
I am really really hoping to get Openfire to work well because ejabberd plain up, wont even start on my server.
Anywho, I am open to all input, ideas, and questions.
Openfire does run properly prior to any SSL certificate activity. It just has lesser security.
OS:…Linux (Ubuntu Server 12.10)
Install Setup:…Apache2, MySQL, OpenSSL, Java 1.7.0 55 via Open JDK 2.4.7
Openfire Version:…3.9.3, installed via .deb
Certificate Authority:COMODO Positive SSL