How to add letsencrypt certificate auto-generated by certbot like this to open fire
If I use the certificate manager, someone would have to renew it by hand.
Check the readme from the Certificate Manager Plugin:
Certificate Manager Plugin Readme Overview
The Certificate Manager plugin adds functionality to Openfire that relates to administration of its certificate stores. Installation
Copy certificatemanager.jar into the plugins directory of your Openfire installation. The plugin will then be automatically deployed. To upgrade to a new version, copy the new certificatemanager.jar file over the existing file. Configuration
The plugin is configured via the Openfire Admin Console. After installation, a new Admin Console page is available. The page can be found under in the "Server", "TLS/SSL Certificates" tab. There, this plugin adds a new item on the side-bar, named "Management". Using the Plugin
This plugin allows Openfire to monitor file changes in a particular directory (which, by default, is /resources/security/hotdeploy/). Whenever a set of files is found that consists of a PEM-encoded private key and a PEM-encoded certificate chain, this plugin will attempt to install them in the Openfire identity store. Let's Encrypt / Certbot integration
The directory watcher mechanism, described above, is an excellent way to make use of the periodically updated data that's generated by Let's Encrypts Certbot. Openfire can be configured to monitor the directory in which certbot places renewed data. This can, however, lead to file-permission issues (the certbot directories are often not readable by the Openfire process). An alternative solution is to use certbots post-hook to copy the data into a directory that can be used by Openfire.