I've been running an openfire server for a couple years now and there is something that I still can't get a grasp on relating to my server domain and my server hostname and I've yet to properly deploy working SSL certificates as a result. This is one thing that is really making me feel like an idiot but I just can't seem to grasp it. Jabber usernames are user@domain.com but, obviously, the jabber server is rarely reachable at domain.com which is why you use SRV records to point to jabberserver.office.domain.com.... I grasp that concept and have SRV records set up, etc. But here's where I can't seem to get things right.... it seems that the jabber server wants to operate as domain.com and not jabberserver.office.domain.com so it would make sense that you would get an SSL certificate signed for domain.com but this creates an issue when you go to https://jabberserver.domain.com:9091 and when your XMPP client is connecting to your server at jabberserver.domain.com since the certificate being presented is for domain.com.
Could someone please shed some light on how things work.... I've tried googling and figuring this out but I can't seem to find any information that relates to this -- and some of it is probably quite simply that I don't know what to look for.