Hello at all!
I've big problems with the current release of Openfire. It will not accept signed certificates by cacert.org anymore. It worked in older versions via the webinterface, but now i just get a meaningsless errormessage.
I've even imported the certificate via the keytool into the keystore: No success.
The first certificate is for the domain xmpp.<censored>.net. It was signed by cacert.org too and imported without problems in an older version of Openfire (i don't remember which it was anymore). It's an rsa alghorythm. 4096 Bit. Generated by OpenSSL.
Because cacert.org doesn't accept certificate requests with dsa alghorythm in fact of heacy security problems, i wanted to replace the self signed certifacet from Openfire with another one for the domain *.xmpp.<censored>.net.
I've tried for days now, read through the community, googled for similar problems: But everytime there's only the hint "use keytool for import" "install java jce". But none of these works.
What's the problem with Openfire in this case? How about implementing this feature with an easy ability to POINT DIRECT to the certificates in real folders like Apache, TeamSpeak, FileZilla and a lot of other web applications do it? Is it an Java-Designproblem?