powered by Jive Software

Connection manager security

Does the connection manager connect to the openfire server with tls/ssl?

I ask this because I logged into our openfire server through a connection manager, and Spark indicates I have an encrypted connect by the lock icon on the bottom right, but the sessions list in Openfire indicates that my users session is not secure (no lock icon).

Thanks for your help.

I’m pretty interested in this as well. I sniffed the traffic between the connection manager and the openfire server, and it appears to be plain-text. Since openfire and the connection manager both support tls/ssl, why isn’t the connection manager <-> openfire server encrypted?

Glad to see I’m not that only one that has noticed this. I find it odd that the security appears to have been forgotten with this component.

Traffic is not encrypted by default between this two components as they are likely to both run on the same local network. This remove the decryption load on Openfire.

You can try to set the xmpp.multiplex.tls.policy (disabled by default) to activate encryption.

In the same way, if you run CM and OF on two different networks, you might want to add compression xmpp.multiplex.compression.policy