Re: openfire-3.8.1-1 Oracle Linux SSL Only s2s

Yes, i found the solution,

i added rootca and interca to truststore

> neith:/opt/openfire # jre/bin/keytool -import -trustcacerts -alias

root -file ~/talamasca/gotowe/jabber/rootca -keystore

./resources/security/truststore

> neith:/opt/openfire # jre/bin/keytool -import -trustcacerts -alias

interca -file ~/talamasca/gotowe/jabber/interca -keystore

./resources/security/truststore

And i have all my certificates in keystore, rootca, interca, mydomaincert

> neith:/opt/openfire # jre/bin/keytool -list -keystore

./resources/security/keystore -v | egrep 'Certificate\[|Owner:|Issuer:'

Certificate[1]:

Owner: CN=*.talamasca.pl, OU=Domain Control Validated

Issuer: CN=AlphaSSL CA - G2, O=AlphaSSL

Certificate[2]:

Owner: CN=AlphaSSL CA - G2, O=AlphaSSL

Issuer: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE

Certificate[3]:

Owner: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE

Issuer: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE

After this it is working for both sides. It seems that truststore has

old version of this certs.