We have our own CA that we use to sign certs internally. I cannot get Openfire to honor it. The only thing I know to do is add it to a keystore and use the -Djavax.net.ssl.keyStore -Djavax.net.ssl.keyStorePassword options at start time.
I’ve done this, but when I paste my key/cert into /import-certificate.jsp I get “There was an error one importing private key and signed certificate. Error message: Failed to establish chain from reply”.
I (incorrectly?) interpret this to mean that Openfire is not reading/including my CA.
What do I need to do in order to get Openfire to honour our CA.