SOP
Users browsers to web site for PKI enabled XCP Server.
XMPP server is running Tomcat, webapp gets user PKI: certs = X509Certficate[] request.getAttribute(“javax.servlet.request.X509Certificate”);
XMPPConnection needs physical disc location set in ConnectionConfiguration config.setKeystorePath.
I tried using keytool and openssl to generate on web server.
keytool -genkeypair (using jid from certs[0] to generate newcert.ks
keytool -certreq to generate newcert.csr
openssl X509 -req to generate newcert.crt
keytool -importcert to import newcert.crt into newcert.ks
Problems I’m having
openssl returns “unable to load CA Private Key”.
I’m using newcert.ks with config.setKeystoreType(“JKS”) and getting SSLHankshake error.
Can anyone help me generate the PKI on the XMPP server?