What’s The Buzz

Random posts on what’s happening in the world of Linux and Open Source Technology

Linux Goodies

Linux tips and tricks picked up on the job as a Linux Systems Engineer.

Apple Goodies

All things wonderful about Apple Computers and Devices

Microsoft Goodies

Microsoft System Engineering tips and tricks as told by a Linux Systems Engineer

XKCD

Get your daily dose of the XKCD cartoon

Home » Linux Goodies

Openfire SSL instructions

Submitted by on February 23, 2008 – 6:43 pmNo Comment

The instructions for openfire ssl are incomplete. I had my certificate signed by a CA and following the instructions in the openfire ssl guide, I had difficulty. After you follow the steps down to the part about the truststore, you need to follow these instructions, replacing the filename, alias and password with your own. Once you import the signed cert into the truststore and restart openfire and go to the server certificates page, you will see that openfire now reports your cert as signed and all will be great. You can then require ssl communication and if you view sessions, it will show that they are secure.

$ keytool -export -alias example.com -file mycert.cer -keystore keystore
Enter keystore password: changit

Certificate stored in file mycert.cer

Then we need to create the truststore if it does not exist and import the certificate into the trueststore:

$ keytool -import -alias example.com -file mycert.cer -keystore truststore

Enter keystore password: opensource
Owner: CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown
Issuer: CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown
Serial number: 43bff927

Valid from: Sat Jan 07 18:23:51 CET 2006 until: Fri Apr 07 19:23:51 CEST 2006
Certificate fingerprints:
MD5: CF:DC:71:A8:F4:EA:8F:5A:E9:94:E3:E6:5B:A9:C8:F3
SHA1: 0E:AD:F3:D6:41:5E:F6:84:9A:D1:54:3D:DE:A9:B2:01:28:F6:7C:26
Trust this certificate? [no]: yes

Certificate was added to keystore

Comments are closed.