SSL certificate for Openfire server

Can you tell me how to install a certificate for an Openfire server so that connections like or or are possible?
Openfire server is installed on a VPS, which has all access.
Thank you.

1 Like

Hi @Wolf_1, and welcome to the LE community forum :slight_smile:

We can help you get a cert.
Once you have one, it should be able to be used by Openfire (or any other software).
How to do that exactly within Openfire would be something better asked on their support channel or site.

Do you have a cert yet?


No, I did not understand how to get it for my purposes.

You are maybe overcomplicating the situation by thinking that you need to get a cert specifically for your purpose.
Certificates are mostly general/multipurpose.
They are obtained without much regard for their intended use - think: "one size fits all".

Think of it more as two separate steps not a single (complicated) step.

Step #1: Get a cert
[after step #1 is completed successfully, then proceed to]
Step #2: Use the cert.
[for that you may have to see help directly from Openfire support channels]


I figured out how to install the server on Openfire, it remains to get it.

Again, don't try to use Openfire to get a cert.
[That is within Step #2]

Stick to Step #1 first.
For which you will need an ACME client installed - likely certbot
See: Certbot | Certbot (


What do I need to do to get a certificate?

My edit came late...
See: Certbot | Certbot (

1 Like

Since the certificate is not bound to the web server, do I need to use the DNS plugins option? If yes, which one?

If I get a certificate for a web server using Standalone, can I use it to install on an Openfire server?

You can use --standalone if port 80 (HTTP) can reach your server.

And, yes, as I said before:

Stick to this "plan":


Which operating system will openfire be running on?

As @rg305 says the first job is to figure out how to get a certificate for your domain, and that depends on a couple of things
:- which OS you are running

  • which webserver (if any) is running and is it currently using port 80 (e.g. is it serving a conventional http site already). This affects how you validate your domain for your certificate order.

According to this guide (which is perhaps a little dated)
Openfire: SSL Guide there is a certificatemanager plugin which can help you configure the certificate settings: Ignite Realtime: Openfire Plugins

Certificates (once you've got one) consist of a public certificate file and a private key file (sometimes also bundled as a PFX or p12 file) and how you use those files depends on the thing you are configuring.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.