Unable to make certificates work

Hello everyone.

I’m having some problems getting SSL/TLS to work with certificates I already have. I tested both with a certificate that we already use on other sites of the same domain (*.exemple.com.br), or even one created by certbot, and without success.

With both certificates, I imported the certificate into openfire’s keystore by keytool, but it doesn’t work. When trying to access https via 9091, I get the error ERR_SSL_VERSION_OR_CIPHER_MISMATCH. When trying to log into spark, I get the error handshake_failure.

In the case of the certificate generated by certbot, the server doesn’t seem to recognize the certificate as valid, since they claim they don’t have a certificate and ask to create one.

What am I doing wrong?

Try disabling support for TLS 1.3 in Openfire.