Is Openfire affected by Heartbleed?

I’m just trying to find out if Openfire is affected by the Heartbleed bug and if so, what is your recommendation for remediation?


Jose L.

Port 5222 is plain / TLS. Port 5223 is SSL - but we don’t use OpenSSL.


Thanks LG!

for make sure update your “openssl” on ur server, not ssl but openssl

etc : on debian : apt-get dist-upgrade

Openssl is not required or used by Openfire. Anyhow all OpenSSL 1.0.1 users may want to update unless they did already.

Openfire uses bouncycastle