l have an openfire 4.5.2 that is hosted on RHEL 8.2. l am making an android app that attempts to connect to this server with TLS 1.2. Console kept telling me that there is no match cipher suite, but when l checked client hello with wireshark, l was able to find match between the advertised cipher suite in client hello and enabled cipher suite in Client Connections.
The certificate is self-signed. l made sure the client trust the root CA. l also made psck12 with the certificate and private key and stored it in keystore to make sure the server knows the private key.
Any insight in this issue?
well, l finally resolved the problem, so l just want to leave a note here in case other people see it.
So, the certificate and private key needs to be packed into a .p12 file then imported into the keystore of openfire server, so openfire knows what private key to use for the SSL handshake.
1 Like