I’ve been using JiveServer/Wildfire/Openfire in my organization since 2.2.0 and now am running 3.4.5, I want to secure things a bit better than using the standard certs to negotiate a TLS connection. We have a Windows Enterprise Root CA in our org and I’ve had nothing but issues getting the certificate options working properly. I’ve genreated self signed certs for CSR from Openfire and have signed them with our CA using the web interface, they import correctly (or so the green message says in the certificate window) for both RSA and DSA, but the cert requests never complete! I’ve also taken the main cert on the CA, exported, used OpenSSL to get the RSA and cert info and importing into Openfire which ends up generating a new cert request that appears it wants me to have signed, but erros out when signing.
What am I doing wrong, is there a config missing on my CA?? I didnt configure it and the person who did is gone. I am by no means an expert in certs, but any help with a Windows Enterprise Root CA would be helpful.