Is there support for STARTTLS for clients connecting to port 5222 in Openfire, as per the RFC Extensible Messaging and Presence Protocol (XMPP): Core? If so, how can it be enabled?
You can enable it in the Openfire admin console under Client Connections Settings: Server Settings => Plain-text (with STARTTLS) connections => Enabled (checkbox should be ticked).
If you want to enforce encryption server-side go to Advanced configuration... and set STARTTLS policy to Required.
If you want to enforce STARTTLS disable Encrypted (legacy-mode) connections.
I'd appreciate it if you could provide the respective Jive properties that govern these configurations, if you know them.
For what it’s worth: this is enabled by default.
Thank you for the response.
I’ve seen this already and assumed that the property ‘xmpp.client.tls.policy’ was the one that governed this configuration. It was set as ‘disabled’ for my application, and I tried to set it to ‘required’ and ‘optional’ (as per Connection.TLSPolicy Openfire/Connection.java at main · igniterealtime/Openfire · GitHub). However, the connections are seen to be timing out with these configurations. The logs didn’t help much, and I wanted to see if I am using the right property before I debug it further. Hence the query. Looks like I’ve to debug it further.
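One way to check what the server actually advertises on port 5222 after a policy change, as an added example that is not part of the original thread or of Openfire: it opens a plain-text stream and classifies the `<starttls/>` feature (with or without the `<required/>` child defined in RFC 6120). The labels `disabled`, `optional` and `required` reuse the policy values named above as an assumption about how the setting shows up on the wire; the `host` and `domain` arguments and the sample bytes are constructed.

```python
import re
import socket
import xml.etree.ElementTree as ET

NS_STREAM = "http://etherx.jabber.org/streams"
NS_TLS = "urn:ietf:params:xml:ns:xmpp-tls"
FEATURES = re.compile(
    rb"<stream:features\s*/>|<stream:features[\s>].*?</stream:features>", re.S)

def advertised_tls_policy(server_bytes):
    """Return 'required', 'optional' or 'disabled' from the first <stream:features/>."""
    m = FEATURES.search(server_bytes)
    if m is None:
        raise ValueError("no complete <stream:features/> in server response")
    # The stream root element is still open, so parse only the features
    # fragment, re-declaring the 'stream' prefix on a throwaway wrapper.
    wrapped = b"<w xmlns:stream='" + NS_STREAM.encode() + b"'>" + m.group(0) + b"</w>"
    features = ET.fromstring(wrapped)[0]
    tls = features.find(f"{{{NS_TLS}}}starttls")
    if tls is None:
        return "disabled"  # STARTTLS is not offered on this listener
    if tls.find(f"{{{NS_TLS}}}required") is not None:
        return "required"  # server marks TLS as mandatory-to-negotiate
    return "optional"

def probe(host, domain, port=5222, timeout=10.0):
    """Live check: open a plain-text stream and classify what the server offers."""
    header = (f"<?xml version='1.0'?><stream:stream to='{domain}' version='1.0' "
              f"xmlns='jabber:client' xmlns:stream='{NS_STREAM}'>").encode()
    buf = b""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(header)
        # Stop at the first complete features element, EOF, or 64 KiB.
        while FEATURES.search(buf) is None and len(buf) < 65536:
            chunk = sock.recv(4096)
            if not chunk:
                break
            buf += chunk
    return advertised_tls_policy(buf)

# Constructed sample of a server's opening bytes (not captured from a real server).
SAMPLE = (b"<?xml version='1.0' encoding='UTF-8'?>"
          b"<stream:stream xmlns:stream='http://etherx.jabber.org/streams' "
          b"xmlns='jabber:client' from='example.org' id='constructed' version='1.0'>"
          b"<stream:features><starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>"
          b"<required/></starttls></stream:features>")

if __name__ == "__main__":
    print(advertised_tls_policy(SAMPLE))
```

If `probe()` raises a timeout before any features arrive, the problem lies before STARTTLS negotiation (listener, firewall or stream setup) and not in the policy value itself.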