[英]How to verify my SSL(https) Certificate is working for Openfire?
I had done the following steps: 我已完成以下步骤:
Create Keystore 创建密钥库
$ keytool –keystore keystore –genkey –alias xyz.com -keyalg rsa -keysize 2048
Generate CSR 产生企业社会责任
$ keytool –keystore keystore –certreq –alias xyz.com –keyalg rsa -keysize 2048 –file client.csr
Get Certificate from CA. 从CA获得证书。 It contains two certificates.
它包含两个证书。
a. 一种。 ssl_certificate
ssl_certificate
b. b。 Intermediate certificate
中级证书
Import signed certificate 导入签名证书
a. 一种。 Import Intermediate Certificate
进口中级证书
keytool -import -keystore keystore -file Intermediate.cer -alias xyz.com_rsa
b. b。 Import SSL Certificate
导入SSL证书
keytool -import -keystore keystore -file ssl_certificate.cer -alias xyz.com
Now, I had checked the signed certificate in Openfire Admin Console
, I found a warning under TSL/SSL Certificate > Openfire Identity Certificate Store
is 现在,我已经在
Openfire Admin Console
检查了签名证书,在TSL/SSL Certificate > Openfire Identity Certificate Store
为
One or more certificates are missing.
缺少一个或多个证书。 Click here to generate self-signed certificates or here to import a signed certificate and its private key.
单击此处生成自签名证书,或单击此处导入签名证书及其私钥。
but Identity is shown a certificate entry
status signed
. 但身份显示
certificate entry
状态为已signed
。
Now, my questions are. 现在,我的问题是。
Note: I delete my self-signed certificate entry. 注意:我删除了我的自签名证书条目。
https://xmpp.net/ provides an online test tool for XMPP connectivity, with a strong emphasis on security. https://xmpp.net/提供了用于XMPP连接的在线测试工具,并特别强调安全性。 I advise that you use that.
我建议您使用它。
An alternative is using openssl. 一种替代方法是使用openssl。 Typically, XMPP servers use STARTTLS on port 5222, which you can check like this:
通常,XMPP服务器在端口5222上使用STARTTLS,您可以像这样检查:
openssl s_client -connect example.org:5222 -starttls xmpp
You can check if your ssl certificate is successfully installed using this site https://www.sslcerty.com . 您可以使用此网站https://www.sslcerty.com检查您的ssl证书是否已成功安装。
you will know if your website's ssl certificate is installed properly, and also all infromation about your certificate's chain information. 您将知道您网站的ssl证书是否已正确安装,以及有关证书链信息的所有信息。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.