Security is a complicated matter. These two options are the first steps into the right direction. But how secure the connection finally is, depends on a few more variables, like the used cipher and TLS version. Also note that SecurityMode.enabled means that TLS will be used if it’s available and otherwise no TLS will be used, meaning that TLS is optional. You may want to use SecurityMode.required.
The Truststore setting tells Smack to use Android’s CA Store, which is IIRC only available on Android 4.0 or higher. A truststore stores all certifactes that are trusted Which means that all certificates that are signed by one of the certificate authorities certificates in this truststore, are considered valid.
like the used cypher and TLS version. Also note that SecurityMode.enabled means that TLS will be used if it’s available and otherwise no TLS will be used, meaning that TLS is optional. You may want to use SecurityMode.required.
how can I use cypher between asmack and openfire ???