Stop insisting on having certificates with two different algorithms

Openfire prefers to have two certificates in its identity store: one using RSA, one using DSA. There's really no point to this anymore, and it does not rhyme well with modern certificate generation practices (integration with Let's Encrypt will cause Openfire to complain about a 'missing certificate').

Openfire should no longer request two different types of certificate, and settle for one instead.