There are two ways for using SSL certificates, both has there problems and both does not allow the use of the secured port 5223.
-
to start with the selfsigned certificate, this can be created under TLS/SSL certificate tab and Identity Store. When created the certificate it has to be completed with the issuer information and send to the Certificate Authority (CA). This results in a Pending Verification. No information to found how to handle to get a good working CA certified certificate.
-
the second option is the use of Letsencrypt verified certificates. After copy the contents of the privkey,pem and cert.pem in the right fields openfire acknowledge the certificate a signed approved certificate.
In openfire on port 5222 is set to Needed - A connection cannot be established if the peer does not present a valid certificate.
The result in both way of assigning a certificate (even with deleting one of them) give on Spark: Received fatal_alert: bad_certificate.
Please advice me:
How to get the selfsigned certicate validated and why a already verified certificate is not working properly.