Now, when I first imported the cert from CACert.org, the server worked without any problem. It wasn’'t until I tried to only allow SSL connections did this start.This is very interesting.
I do not use Keytool, so I am not sure about that. I did try to use OpenSSL to create my own self signed SSL Cert but that wouldn’‘t load into Jive’'s Admin Interface. I could try this again. Does anyone have the exact commands to do this for it to work with Jive. I will add another post with what I used.
I generated the Cert request with OpenSSL using the following instructions:
*+# openssl req -nodes -new -keyout private.key -out server.csr
Then the system will try to generate some very random numbers to get a secure key.
Generating a 1024 bit RSA private key
…++++++
…++++++
writing new private key to ‘‘private.key’’
You will then be asked to enter information about your company into the certificate. Below is a valid example:
Country Name (2 letter code) :AU
State or Province Name (full name) :NSW
Locality Name (eg, city) :Sydney
Organization Name (eg, company) :CAcert Inc.
Organizational Unit Name (eg, section) :.
Common Name (eg, YOUR name) []:www.cacert.org
Email Address []:no-returns@cacert.org
Finally you will be asked information about ‘‘extra’’ attribute, you simply hit enter to both these questions.
Next step is that you submit the contents of server.csr to the CAcert website, it should look EXACTLY like the following example otherwise the server may reject your request because it appears to be invalid.
BEGIN CERTIFICATE REQUEST-----
MIIBezCB5QIBADA8MRcwFQYDVQQDEw53d3cuY2FjZXJ0Lm9yZzEhMB8GCSqGSIb3
DQEJARYSc3VwcG9ydEBjYWNlcnQub3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
iQKBgQDQd1ut4TJLWZf5A9r3D17KobCNwz/jfCOYrH0P6q1uw4jfSyrWUeSaVc
59Xjpov8gRctlAuWM9KavkLSF6vcNdDEbvUYnL/+ixdmVE9tlXuSFEGz0GAF5faf
QZe30wk2hnC6PrwclypOhkTXtWgvSHPZg9Cos8xqDyv589QwIDAQABoAAwDQYJ
KoZIhvcNAQEEBQADgYEAJruzBZr4inqaeidn1m2q47lXZUWjgsrp3k3bFJ/HCb3S
2SgVqHFrOisItrr7H0Dw2EcPhIrRokRdjIAwwlxG9v21eFaksZUiaP5Yrmf89Njk
HV+MZXxbC71NIKrnZsDhHibZslICh/XjdPP7zfKMlHuaaz1oVAmu9BlsS6ZXkVA=
END CERTIFICATE REQUEST-----
Once you’'ve submitted it the system will process your request and send an email back to you containing your server certificate.+*