I think I’ve attempted everything while trying to get this certificate installed. I’ve been using openfire with the fastpath plugin for years and I have never had any issues. We wanted to integrate it into our checkout screen which requires SSL. We’re a reseller for enom, so I go onto the site and grab an SSL. Easy enough … so I thought. We are running openfire on IIS7 and like I said, never had a problem. I have attempted to install the cert using the Server certificates tab in the admin panel. I use the CSR generated by openfire and attempt to install the certificate authority and I get:
“An error occured while importing the Certificate Authority reply. Verify that the reply is correct and that it belongs to the correct certificate.”
I can’t understand why being that the CSR came from openfire. Okay, so I decide to go another route. I tried this setting up these:
- xmpp.socket.ssl.active
- xmpp.socket.ssl.port
- xmpp.socket.ssl.storeType
- xmpp.socket.ssl.keystore
- xmpp.socket.ssl.keypass
- xmpp.socket.ssl.truststore
- xmpp.socket.ssl.trustpass
at the command prompt I go to c:\program files\openfire\jre\bin and I runkeytool -import -keystore keystore -alias chat.mydomain.com -file chat.mydomain.com.cer
That creates a file which I then place in the c:\program files\openfire\resources\security folder, which my xmpp.socket.ssl.keystore is pointed to.
I then get this:
“Unable to access certificate store. The keystore may be corrupt.
One or more certificates are missing. Click here to generate self-signed certificates or http://127.0.0.1:9090/import-certificate.jsphere to import a signed certificate and its private key.”
and sometimes this:
“java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance” with a bunch of jibberish after it.
When I try to access fastpath with the above mentioned error I get a response from FireFox indicating that the SSL certificate wasn’t installed properly.
In addition, I’ve installed the cert into IIS7 and then exported it with the private key. I’ve then used openssl to decrypt the key into part and attempted to import the key into openfire, resulting in “There was an error one importing private key and signed certificate.”
I’m going nuts! I have never encountered a SSL install that’s making me pull my hair out!
Please … Anyone have any suggestions?
They’re greatly appreciated!