I just picked up a Postitive SSL from ssls.com which is issued by Comodo.
In Openfire I went to TLS/SSL certificates
Created a CSR for my domain
Submitted CSR to cert authority
Downloaded my cert and added it to the Identity store which now shows a Status of CA Signed. RSA
Cert is authenticating properly in browser when logged in to https://chat.domain.com:9091
Pidgin does not trust the certificate.
When testing the cert using the following command I receive the following:
openssl s_client -connect chat.domain.com:5222 -starttls xmpp
no peer certificate available
No client certificate CA names sent
SSL handshake has read 480 bytes and written 128 bytes
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported