I’m connecting to an openfire server using a smack client. If I do a standard connection using TLS on 5222, isSecureConnection() returns true. If I use an SSL connection connecting to 5223, isSecureConnection() returns false.
I couldn’t find an easy way in the smack library to tell it to use an SSL socket, and it wasn’t easy to find help online (I found a lot of old javadocs that show an SSLXMPPConnection object, which must be gone in the newer library), but I eventually was able to negotiate the SSL connection by calling setSocketFactory(…) on my ConnectionConfiguration instance (passing in an SSLSocketFactory), before creating my XMPPConnection.
Is that the correct way to connect via SSL? It connects ok, and my client can do everything I want it to, but isSecureConnection is returning false. Any input would be greatly appreciated! Thanks.
Does anybody know anything about this? isSecureConnection() still returns false after successfully negotiating SSL.
Any help would be greatly appreciated!
Richard
Hey Richard,
XMPPConnection#isSecureConnection() is returning true only if TLS was negotiated with the server (a la XMPP). Moreover, using port 5223 is the old way for using SSL and it is discouraged since it is not XMPP 1.0 compliant. Smack is not supporting the old SSL method (unless you make it so). Having said all this, I would recommend using start TLS over port 5222 and things will go fine.
Regards,
– Gato
Thank you for your reply. I understand and agree with all that you have said. Unfortunately, one of the things that I need to support is optional use of SSL (as nearly all jabber clients still seem to support).
The javadoc description of isSecureConnection() says:
“Returns true if the connection is a secured one, such as an SSL connection or if TLS was negotiated successfully.”
Based on this, I was expecting it to return true even with an SSL connection - and since it was returning false I was afraid I had done something wrong.
So, you’ve just told me that isSecureConnection only returns true if it successfully negotiates TLS, and an SSL connection will return false (the behavior I’m seeing) I can work around this in my application.
One more thing - If I want to force an SSL connection, am I going about it correct way?
Richard
Hey Richard,
I updated the javadoc to make it clearer that #isSecureConnection() is about TLS and not the old SSL.
One more thing - If I want to force an SSL connection, am I going about it correct way?
If you want to force secure connections you can do it from the server side. By making it required the server will require TLS when using 5222 and SSL on port 5223 will also be available.
Regards,
– Gato