I’ll go ahead and bump this again.
In addition to suggestions made in other comments to this thread: Openfire allows for configuration of TLS protocols and cipher suites through the admin console, since the 4.0.0 release of Openfire.
tmwong schrieb:
I am trying to determine what ciphers Openfire uses in TLS-protected chat sessions, and to limit those ciphers to “strong” ciphers (such as those listed by openssl with "-tls HIGH:MEDIUM). The Openfire documentation and the discussion boards are silent about either of these questions…
Maybe worth to mention, if you would like to have strong(er) chiphers you have to manually add them. I downloaded the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 8 and replaced them with the default files within openfire/bin directory (running on windows server). After a quick restart of openfire i was able to choose ciphers widely. Works with the latest version of openfire 4.0.1.