I am trying to use the SSL and TSL connections from my smack 3.3.0-based XMPP client to an Openfire 3.8.2 server. SSL port 5223 is configured and I imported the self-signed cetificates to the client host, following openfire instructionsare. When trying to conenct SSL, the server doesn't respond. Only the following initial packet is sent:
<stream:stream to="my.xmpp.server.com" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" version="1.0"></stream:stream>
My client doesn't establish connection, neither can other clients I tested, like Pidgin, Psi, when configured to use SSL port 5223.
TLS connection seems to work with the self-signed certificates. I see the <startls> tags in the raw XML packets, assuming the data is exchanged encrypted, but does the client authenticate the server? I connect with TLS without importing any (self-signed) certificates, on port 5222.
I wonder if smack API do implement self-signed certificate authentication? or is it left up to developers to add-on the authentication management ? Are the self-signed certificates used or authentication is done differently(like DNS) or not done et all? Is using self-signed certificate follow different logic than CA certificates?