I have a few clients which connect via a connection maanger, and some which connect direct to OpenFire. I have OpenFire configured to require TLS on 5222, and 5223 is disabled. In the session list, all clients connected direct to 5222 are shown as being ‘secure’.
Clients coming from the connection manager are, however, not. While the client shows it’s using TLS, and tcpdump of the external 5222 TCP connection, as well as 5262 into the OpenFire server is encrypted, it’s not really clear from the admin console that it’s encrypted.
Is this a misconfiguration of my connection manager instance, or do TLS sessions on 5222 via the connection manager always show up as insecure in the session list?