Spark Security Settings using a DNS alias

Hi. I recently updated our openfire instance to the latest version and now I am looking to get our spark client updated to the most recent version. Currently, we are connecting to the openfire server with a DNS alias in active directory named SPARK. With the latest client, I am not able to connect without security errors to that alias. I can bypass this by changing some settings in advanced settings, but I do not want to have to do this as I push out a client update to hundreds of users - I don’t want them having to go into advanced settings. Connecting to the real server name is fine, I just need to accept using a self signed certificate and I am on my way. Can anyone recommend a way to allow this same behavior when connecting to our DNS alias? I have tried adding a self singed certificate for the alias and that took down the management UI. Does anyone have any suggestions here? Thanks