Using a xmpp ssl certificate in openfire

I got CA approved our xmpp through and imported in openfire 3.6.0 with no problems. When I try to log in from spark, it won’t log in for me. When I delete the certificate, restart http, add a new self-signed certificate, restart http then I can log in to spark through windows.

We would like to use a secure connection. I am using port 5222 with both CA certificate and self-signed certificate.

Any advice?

Hey Hosdes,

You should either use CA signed or self-signed certificates but not both at the same time. Unless one is DSA and the other one is RSA. When using the CA signed certs only have you tried with other clients? Spark is not going to show you what it didn’t like of the certificate but other clients may do that. I think that Psi will show you what it didn’t like of the cert. Also, do you see any warning sign in the main page of the admin console when you have the RSA cert installed?


– Gato

We are only using one. a self-signed certificate that comes with RSA and DSA. In Openfire >> Server >> server certificates I click on Issue Information. Then Openfire shows me both RSA and DSA to paste in Certificate Authority Reply. I do this and the self-signed certificate is approved in Openfire from a CA.

Any Advice?

Ok. So you are following the process create self-signed, send to CA to sign and then import signed cert. In that case a mismatch of the XMPP domain is very low. What do you see when using other clients like for instance Psi?

– Gato

Oh I guess it is imported certificate. when I went to it did not ask me to copy and paste.

I have three files from with certificate info - private key, certificate request and CA certificate. when I click on import it has 3 fields

  1. Pass Phrase used for creating Private Key - copied private key passphrase

  2. Content of Private Key file - copied private key

  3. Content of Certificate file - copied CA certificate

It did not work. It says this.

There was an error one importing private key and signed certificate. Error message: problem creating RSA private key: exception using cipher: Illegal key size

Please advise.

Read the text at the top of the import page and you will find an explanation for this error and a link to follow. You will need to install a Java extension to support strong security.

– Gato