[Bug 592836] SSL certificate for jabber.gnome.org invalid, clients cannot connect

  sysadmin | Other | unspecified

Olav Vitters <bugzilla-gnome> changed:

           What    |Removed                     |Added
             Status|ASSIGNED                    |RESOLVED
         Resolution|                            |FIXED

--- Comment #8 from Olav Vitters <bugzilla-gnome vitters nl> 2010-03-03 22:15:53 UTC ---
Created an private and certificate file. This cannot be imported using keytool,
nor with the openfire web interface.

Name the private file key.pem
Name the certificate file cert.pem

openssl pkcs8 -topk8 -nocrypt -in key.pem -inform PEM -out key.der -outform DER
openssl x509 -in cert.pem -inform PEM -out cert.der -outform DER

In ImportKey.java (taken from http://www.agentbob.info/agentbob/79-AB.html),
> String keypass = "importkey"
> String keypass = "changeit"

> String defaultalias = "importkey";
> String defaultalias = "jabber.gnome.org";

/opt/openfire/jre/bin/java ImportKey key.der cert.der
# This creates ~/keystore.ImportKey
/etc/init.d/openfire stop
mv ~/keystore.ImportKey /opt/openfire/resources/security/keystore
/etc/init.d/openfire start

WARNING: /usr/bin/keytool on label is the GNU version. Use one supplied with
Openfire /opt/openfire/jre/bin/keytool instead! The GNU version cannot read the
file produced by Openfire.

Oh, and to get admin rights on Openfire:
/etc/init.d/openfire stop
vim /opt/openfire/embedded-db/openfire.script

Search for:
> INSERT INTO OFPROPERTY VALUES('admin.authorizedJIDs','admin gnome org,jdub gnome org,ovitters gnome org')
change it appropriately.

/etc/init.d/openfire start

Seems Openfire is configured to read in those SQL statements into a memory
database (HSQL).

Btw: Certificate seems to work, maybe missed something. Pidgin didn't accept it
by default though.

Configure bugmail: https://bugzilla.gnome.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the QA contact of the bug.
You are watching the assignee of the bug.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]