Self-signed means certificates not signed by some known authority (like Verisign), but generated and signed by a program itself, so it can't be verified whether a certificate is valid and legitimate. Well self-signed are ok for internal and minimal use, they still let you encrypt the messages. So, yes, Openfire generates certificates and signs them itself on the first setup (though they can be regenerated at any point). I'm using those for many years and there was no problems with the clients other that them complaining, that it is a self-signed certificate and some clients requires disabling such checking (like Instabird, Jitsi, Gajim).
↧