powered by Jive Software

SASL EXTERNAL for c2s doesn't work?

I try to use SASL EXTERNAL with Openfire for my client to server connection. Here it seems to be offered for clients:

however when I try to connect there is no SASL-EXTERNAL in stream:features among other SASL mechanisms. I am missing some settings in Openfire?

SASL-EXTERNAL will most likely not be offered as an available mechanism, if the connection is not encrypted. Either use STARTTLS, or connect to 5223 (and make sure that the client offers a certificate issued by a CA that is recognized by Openfire’s 'client trust store).