PositiveSSL(Comodo) certificate - client complains that it is self signed
The problem I am facing is that although Tigase accepts a certificate by Comodo, when connecting from clients to the server the client is complaining that the cert is self signed.
Tigase server version I am using is: tigase-server-7.0.2
Java: OpenJDK 1.7.0_91
The cert file is created based on the files received from PositiveSSL(Comodo:
Root CA Certificate - AddTrustExternalCARoot.crt
Intermediate CA Certificate - COMODORSAAddTrustCA.crt
Intermediate CA Certificate - COMODORSADomainValidationSecureServerCA.crt
Your PositiveSSL Certificate - mydomain.crt
The pem file to be used in Tigase created with the following command:
cat mydomain.crt mydomain.key COMODORSAAddTrustCA.crt COMODORSADomainValidationSecureServerCA.crt AddTrustExternalCARoot.crt > mydomain.pem
and placed in the certs folder.
2016-01-09 21:43:52.071 [main] SSLContextContainer.init() CONFIG: Loaded server certificate for domain: mydomain from file: certs/mydomain.pem
It is being successfully loaded by the server and it is not being replaced by Tigase, still the client software is complaining that it is self signed.
What could be the problem? How could I debug it?
Added by Wojciech Kapcia about 3 years ago
what certificate is presented to the client? is it the same certificate or not?
are you connecting to the
what kind of connection are you utilising? regular socket connection with TLS over port 5222, legacy SSL connection over port 5223, bosh over 5280 or websocket from browser? I the cases except for the first one Tigase will utilise
certs/default.pemcertificate as it's not possible (by default) to determine the destination domain hence default certificate is being used.