Using a GoDaddy SSL Certificate with Openfire on Debian


1.  Copy your key and cert to the /etc/openfire/security directory on the server

2.  cd /etc/openfire/security

3.  Convert your key and cert to DER format in the root directory:

openssl pkcs8 -topk8 -nocrypt -in -inform PEM -out certkey.key.der -outform DER
openssl x509 -in -inform PEM -out -outform DER

4.  Get some java utilities and place in the /etc/openfire/security directory to create a java key store from AgentBob, ImportKey.class

5.  Stop Openfire
/etc/init.d/openfire stop

6.  Backup your existing keystore
mv keystore keystore.old

7.  Create a new keystore (in root directory keystore.ImportKey):
java ImportKey

8.  Change the keytool passwords back to the defaults (from ‘importkey’ to ‘changeit’)
keytool -storepasswd -keystore /root/keystore.ImportKey
keytool -keypasswd -alias importkey -keystore /root/keystore.ImportKey

9.  Download the the GoDaddy Intermediate Certificate to the /etc/openfire/security directory
wget –no-check-certificate into the
keytool -import -alias intermed -file sf_issuing.crt -keystore /root/keystore.ImportKey -storepass changeit -trustcacerts

10.  Move the keystore to /etc/openfire/security
mv /root/keystore.ImportKey /etc/openfire/security/keystore

11.  Start Openfire
/etc/init.d/openfire start

Special thanks to