Problem with using Server Certificates (from TC TrustCenter)

Hello,

Unfortunately, I have had no success importing the signed certificate with Openfire 3.6.4 after many different attempts. We already have a signed CA certificate from TC TrustCenter and no passphrase has been used to create the private key.

Therefore I have some questions…

  • What is the correct method to use such a server certificate? Should I use the manual way to import the certificate as described in http://www.igniterealtime.org/builds/openfire/docs/latest/documentation/ssl-guide.html? If yes, should I begin with step 4 in the description because I already have a certificate? Do I also have to use the admin console to import the signed certificate (crt file) and private key (key file) after I have finished the last step (Configure Openfire) and after restarting Openfire?

  • Should I convert the signed certificate and the key into DER format when I want to import them to the keystore, as described in http://www.lovelysystems.com/importing-an-existing-ssl-certificate-to-openfire/?

  • When I try to import a signed certificate (crt file) and its private key (key file) within the admin console, I see “Pass Phrase used for creating Private Key”. Is this just an optional field or do I have to convert the private key because there is no pass phrase for the private key?

  • For testing purposes: Is it really necessary that the host name of the server is exactly identical to the common name which is used in the certificate?

Could you please help me, because I have no idea how to go on.

Thank you! I would be very glad if you can help me!!!

Florian

PS: I also get an error message in the admin console under Server Certificates…

java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
     at org.bouncycastle.jce.provider.JDKDigestSignature.engineInitSign(Unknown Source)
     at java.security.Signature$Delegate.engineInitSign(Signature.java:1095)
     at java.security.Signature.initSign(Signature.java:480)
     at org.bouncycastle.jce.PKCS10CertificationRequest.<init>(Unknown Source)
     at org.bouncycastle.jce.PKCS10CertificationRequest.<init>(Unknown Source)
     at org.jivesoftware.util.CertificateManager.createSigningRequest(CertificateManager.java:392)
     at org.jivesoftware.openfire.admin.ssl_002dcertificates_jsp._jspService(ssl_002dcertificates_jsp.java:548)
     at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
     at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:487)
     at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1093)
     at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:118)
     at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:52)
     at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
     at org.jivesoftware.util.LocaleFilter.doFilter(LocaleFilter.java:66)
     at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
     at org.jivesoftware.util.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:42)
     at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
     at org.jivesoftware.admin.PluginFilter.doFilter(PluginFilter.java:70)
     at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
     at org.jivesoftware.admin.AuthCheckFilter.doFilter(AuthCheckFilter.java:146)
     at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
     at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:360)
     at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
     at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
     at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:726)
     at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:405)
     at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:206)
     at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
     at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
     at org.mortbay.jetty.Server.handle(Server.java:324)
     at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:505)
     at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:829)
     at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:514)
     at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211)
     at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:380)
     at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:395)
     at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:488)