Cert generation and import scripts now support any number of XMPP servers and use more intuitive naming for the certificates.
This will make it easier to move cert generation to other configurations. Maybe promoting this to a top-level script to generate certs in all scenarios.
- Update OCSP URL in certificate generation from IP to domain name
- Add OCSP hostname to docker-compose network configuration
- Document useful hosts file entries in README.md
The changes make it easier to test OCSP locally with clients by using domain names that can be mapped in host files.
Adds Online Certificate Status Protocol (OCSP) support to the federated Openfire setup:
- Add certificate generation script with full PKI hierarchy
- Add certificate import script for Openfire keystores
- Implement OCSP responder service via Docker compose
- Update documentation with OCSP usage instructions
The -o flag can now be used with start.sh to enable OCSP support.
Matthew Vivian