Tell comodo you need it for openssl + apache
How to setup comodo positive SSL with Openfire 3.9.x From START TO FINISH (this took over 24 hours to gather and solve)
Here are the commands you will eventually need:
Generate your privatekey.pem
openssl genrsa -des3 -out privatekey.pem 2048
Generate your CSR to send to COMODO
openssl req -out CSR.csr -key privatekey.pem -new
Send COMODO the CSR (its the contents of your CSR.csr)
Eventually comodo will send you a zip with a few files, just transfer the zip to the server (or use ftp)
At this point the .zip is on the server in your home directory.
unzip YOURDOMAIN_ext.zip
Now we need to convert your certificates so openfire can use them
penssl x509 -in YOURDOMAIN_ext.crt -out domain_cert.der -outform DERpenssl x509 -in COMODORSAAddTrustCA.crt -out inter1.der -outform DER
penssl x509 -in COMODORSADomainValidationSecureServerCA.crt -out inter2.der -outform DER
Now we convert the DER to PEM for openssl
openssl x509 -in domain_cert.der -inform DER -out domain_cert.pem -outform PEM
openssl x509 -in inter1.der -inform DER -out inter1.pem -outform PEM
openssl x509 -in inter2.der -inform DER -out inter2.pem -outform PEM
Now that our certificate and intermediate files are setup, we can concatnate them all onto one file for Openfire
cat domain_cert.pem inter1.pem inter2.pem >> openfire_bundle.pem
Now, copy the contents of openfire_bundle.pem into the certificate section of the admin panel. Copy the contents of your primarykey.pem to the key section of the import page in the admin panel. Put the password for your key into the paraphrase box in the import page in the admin panel.
Remember to REMOVE the old self signed dsa and rsa certficates!
Hit submit, and it should work, let me know if it doesn't and what it says.