We just set-up Openfire XMPP server and have external clients connecting to the server through the firewall. We have one user who uses the MAC I-Chat client to connect using XMPP. This person is indicating that his I-Chat client is warning him that he is sending his password in “clear” (I assume that this means “clear-text”). I checked the server settings and SSL (self-signed) is configured though optional. The sessions page shows that all users are connected via ssl (including the MAC I-chat user). This is indicated by the little orange lock found on the sessions page of the admin console.
Are the passwords being sent in clear text as the MAC client believes? And is this just another example of MAC not adhering to standards or is my interpretation of Openfires use of SSL different from say a website?
Thanx in advance!!!