Just a update on this: There's also some kind of a discrepancy between /opt/openfire/resources/security/keystore and /etc/openfire/keystore, as supplied by the default ArchLinux package. Adding my Class 2 certificate to the keystore into /opt/openfire/resources/security/keystore yields a warning about the domain name mismatch (and the certificate is ignored), whereas adding the same certificate into the keystore in /etc/openfire/keystore causes a message saying that the keystore is corrupt. This is indeed a strange and buggy behavior. The import-certificate.jsp site adds the Class 1 certificate to the keystore in /etc/openfire/keystore, but refuses to add the Class 2 certificate anywhere.
↧
Re: [bug] Cannot import a StartCom certificate with 2 altsubject names
↧
