Openfire checks if the certificates in its identity store properly identify the server (by its hostname and domain name, but also other XMPP addresses). This check fails, when it should not.