does anyone have experiences with a CA Signed Certificates in a Hazlecast Cluster Environment?
I have 4 Cluster Nodes the are working all under the same domain. At the moment every machine has its own openfire generated self signed certificate. Now i want to use a Signed Certificate for the domain chat.example.com. Do i need to configure the same CA certificate on the four nodes? Or register for every machine a new single certificate? Or do i need a wildcard certificate? I’m using Comodo as CA.
Maybe we can help each other given the little commercial support available for OpenFire. You would want to use a *.yourdomain.com cert and place it on all the servers. Then if you were using a load balancer you would want to place the certificate on that box as well (though MMC for windows). My problem is that I can’t get OpenFire to take my certificates through the web interface no matter what format or how I generate them in OpenSSL. Have you been able to upload a certificate into OpenFire that is signed by a CA. I’m currently running windows OpenFire boxes.
Finally found working steps for windows and was able to get my signed certificate in.
After performing the steps above I found that I had a error. This was beacuse I only had a RSA cert and not a DSA cert. I don’t need a DSA cert as almost all XMPP programs in the last X years support RSA. This guide towards the very bottom explained the errors that I had and why. Even with the errors it works.
I will now proceed to clustering given that I have the same certificate on box boxes now. I will let you know how it goes.