Is there support for STARTTLS for clients connecting to port 5222 in Openfire, as per the RFC Extensible Messaging and Presence Protocol (XMPP): Core? If so, how to enable it?
You can enable it in the Openfire admin console under Client Connections Settings: Server Settings => Plain-text (with STARTTLS) connections => Enabled (checkbox should be ticked).
If you want to enforce encryption server-side go to Advanced configuration... and set STARTTLS policy to
If you want to enforce STARTTLS disable Encrypted (legacy-mode) connections.
Appreciate if you can provide the respective jive properties that govern these configurations, if you know them.
You can find them on GitHub @ ConnectionSettings.java
For what it’s worth: this is enabled by default.
Thank you for the response.
I’ve seen this already and assumed that the property ‘xmpp.client.tls.policy’ was the one that governed this configuration. It was set as ‘disabled’ for my application, and I tried to set it to ‘required’ and ‘optional’ (as per Connection.TLSPolicy Openfire/Connection.java at main · igniterealtime/Openfire · GitHub). However, the connections are seen to be timing out with these configurations. The logs didn’t help much, and I wanted to see if I am using the right property before I debug it further. Hence the query. Looks like I’ve to debug it further.
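
As an added example (not part of the thread and not Openfire code): a Python check that opens a plain-text stream on port 5222 and reports whether the server advertises STARTTLS in its stream features, as the XMPP Core RFC describes. The labels disabled/optional/required are borrowed from the policy values quoted above; that mapping, the function names and the sample responses are assumptions constructed for this example.

```python
import socket
import sys
from xml.etree.ElementTree import XMLPullParser

STREAM_NS = "http://etherx.jabber.org/streams"
TLS_NS = "urn:ietf:params:xml:ns:xmpp-tls"

def classify_features(data: bytes):
    """Return 'required', 'optional' or 'disabled' once a complete
    <stream:features/> has been received, or None if it has not arrived yet."""
    # The stream root is never closed, so parse incrementally, not as a document.
    parser = XMLPullParser(events=("end",))
    parser.feed(data)
    for _event, elem in parser.read_events():
        if elem.tag == f"{{{STREAM_NS}}}features":
            starttls = elem.find(f"{{{TLS_NS}}}starttls")
            if starttls is None:
                return "disabled"   # STARTTLS is not offered on this port
            if starttls.find(f"{{{TLS_NS}}}required") is not None:
                return "required"   # server insists on TLS before anything else
            return "optional"
    return None

def probe(host: str, domain: str, port: int = 5222, timeout: float = 10.0):
    """Open a plain-text stream and classify what the server advertises.
    A socket timeout here means the server never answered the stream header."""
    header = (f"<?xml version='1.0'?><stream:stream to='{domain}' version='1.0' "
              f"xmlns='jabber:client' xmlns:stream='{STREAM_NS}'>")
    buf = b""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(header.encode())
        while True:
            chunk = sock.recv(4096)
            if not chunk:
                return None         # closed before sending features
            buf += chunk
            result = classify_features(buf)
            if result:
                return result

# Constructed sample server responses (not captured from a real server).
HEADER = (b"<?xml version='1.0' encoding='UTF-8'?><stream:stream "
          b"xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client' "
          b"from='example.org' id='constructed' version='1.0'>")
REQUIRED = (b"<stream:features><starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>"
            b"<required/></starttls></stream:features>")
OPTIONAL = (b"<stream:features><starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>"
            b"</stream:features>")
DISABLED = b"<stream:features><bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'/></stream:features>"

if __name__ == "__main__":
    print(probe(sys.argv[1], sys.argv[2]))  # usage: script.py <host> <xmpp-domain>
```

If `probe` times out rather than returning a label, the server is not answering the plain-text stream header at all, which points at the listener or network path rather than at the TLS policy value.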