powered by Jive Software

How to secure XMPP communication from Mobile App ? What are the steps to enable secure communication with respect to openfire server

We have developed a chat application in both iOS and Android native platform , and all working fine with Port 5222- Plain Text communication. As part of securing the communication between client and server we have disabled Port 5222 and enabled Port 5223 in Client Server port settings. But its getting failed from the client side while connecting. Below is our library for iOS and Android

iOS : robbiehanson/XMPPFramework
Android : Smack-android

Can somebody suggest best way to enable secure communication from Mobile app and Server ?

Thanks in advance.

From what you write, it appears that you don’t have a full understanding of the encryption mechanisms that are available in XMPP and Openfire.

The default communication port, 5222, does allow for plain-text communication, but generally is used for encryption that is based on StartTLS. You can configure Openfire to require this. On port 5223, an encryption technique called Direct TLS is used. This is similar to using HTTPS instead of HTTP.

Port 5222 does not need to be less secure than port 5223. My advise would be to read up on TLS, and particularly on StartTLS, and how that differs from ‘regular’ TLS, and make your decisions based on that knowledge.

1 Like

Thank you guus,
Really appreciate your explanation. Will read more about TLS and find the best for our fit.