I am using Openfire 3.6.4. I believe the following is a bug. In the admin console, Server Settings -> Security Settings, under Server Connection Security select “Custom”, and then select TLS Method to Optional. Then click Save Settings. It will say settings have been saved, but instead of “Custom” security, “Optional” or “Required” is selected. If TLS Method is instead set to Not Available, then the Save Settings works.
Strangely, if Server Dialback is set to Not Available, then “Required” is selected after the save; if it is set to Available, then “Optional” is selected.