
Openfire with multiple domains & different SSL certs

We host a clustered Openfire system using two servers. The servers themselves have a DNS name of the form:



whereas the XMPP domain name is server.domainB.com

In each server we have installed the domainA/domainB certificate combo (that is, 2 SSL certificates, i.e. server1.domainA.com & server.domainB.com).

However, Openfire’s XMPP engine uses the same cert as the HTTP admin page and only one certificate within the keystore can be active at the same time. As a result, we can either access the server as the one DNS name or the other, not both at the same time (domainB only for XMPP communication and domainA for administration).

Is there any way by which Openfire can recognize both certificates, one for one protocol and one for the other?

A workaround might be a so-called Unified Communications SSL certificate, where more than one DNS name can be signed by the CA in the same cert. Is there another solution to that?
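The multi-name certificate mentioned in the question can be checked before it goes anywhere near a keystore. The script below is an added example, not part of the original post: it builds a throwaway self-signed certificate (standing in for a CA-issued one) whose subjectAltName lists both names from the post, then verifies coverage per hostname. It assumes OpenSSL 1.1.1 or later for `-addext`; the function names `make_san_cert` and `cert_covers` are hypothetical.

```shell
#!/bin/sh
# Constructed example: one certificate carrying several DNS names in its
# subjectAltName extension, checked against each name a client would use.

# make_san_cert DIR NAME [NAME...]
# Writes DIR/key.pem and DIR/cert.pem; the first NAME is also used as the CN.
make_san_cert() {
    dir=$1; shift
    cn=$1
    san=""
    for name in "$@"; do
        san="${san:+$san,}DNS:$name"
    done
    # Self-signed, 1-day lifetime: for testing name coverage only.
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -keyout "$dir/key.pem" -out "$dir/cert.pem" \
        -subj "/CN=$cn" -addext "subjectAltName=$san" 2>/dev/null
}

# cert_covers CERT HOSTNAME
# Returns 0 only if OpenSSL's hostname check accepts HOSTNAME for CERT.
cert_covers() {
    openssl x509 -in "$1" -noout -checkhost "$2" \
        | grep -q "does match certificate"
}

workdir=$(mktemp -d)
make_san_cert "$workdir" server.domainB.com server1.domainA.com

# The XMPP domain and the admin host name from the post, plus one
# constructed name that must NOT be covered.
for host in server.domainB.com server1.domainA.com other.example.net; do
    if cert_covers "$workdir/cert.pem" "$host"; then
        echo "$host: covered"
    else
        echo "$host: NOT covered"
    fi
done
```

The same `cert_covers` check works on a CA-issued certificate file, which makes it a quick way to confirm every name is present before replacing the active certificate.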