I’ve read a lot of guides and howto’s (including all of them here in this forum).
My Setup is:
- Openfire v3.7.1
- Sun Java 1.6
- Ubuntu 10.04 (x64)
- StartSSL Class2 Signed (Web/Apache) Cert
I followed the instructions from here to setup my class2-startssl-certificate into openfire.
Initially everything seemed OK. If I connect to the admin-panel using https (https://talk.mydomain.com:9091) I see the right certificate, so no browser (tested with firefox, internet explorer and chrome) claims about “untrusted” or something.
BUT, if I connect to my openfire-server with (i.e.) Jitsi it tells me, that’s it’s not possible to verify the identity of my server (image attached).
What’s getting me confused is, that in this error-message it says, that the identity of the server, while connecting to talk.mydomain.com, _xmpp-client.talk.mydomain.com couldn’t be verified. The certificate from StartSSL was issued for mydomain.com and talk.mydomain.com, but what is the second requested url in the error-message, _xmpp-client.talk.mydomain.com ?
Do I have to get my certificate with also this “address” ? Could anyone explain me, what and ahy the client is trying to verify this address, as I never saw it before.
Thank you in advance