We're updating the issue view to help you get more done. 

Generation of self-signed certs doesn't include SANs

Description

Openfire allows an administrator to replace certificates in the identity store with a new keypair and certificate that is self-signed.

The self-signed certificate should have subject alternative names for all XMPP identities of the server (typically including conference.example.org and pubsub.example.org, but does not.

This issue is most notable when clicking on the first 'here' in the link on the TLS admin console page that reads:

A certificate for the domain of this server is missing. Click here to generate a self-signed certificate or here to import a signed certificate and its private key.

You'd expect that message to go away after clicking on that link, but it does not.

Environment

None

Acceptance Test - Entry

None
Fixed

Assignee

Guus der Kinderen

Reporter

Guus der Kinderen

Labels

None

Expected Effort

None

Ignite Forum URL

None

Components

Fix versions

Priority

Minor
Configure