TLS initialization

[eadrwlo]

Hi. Do you know how handshake a secure connection?
I get this error when I tried do set config.setSecurityMode(SecurityMode.required);
Exception in thread "main" org.jivesoftware.smack.SmackException$SecurityRequiredByClientException: SSL/TLS required by client but not supported by server

I know that Firebase do not support STARTTLS extension. So how to do it in the other way?

[carlosCharz]

Hi @eadrwlo I had the same pending task. I found out the same thing that firebase do not support STARTTLS extension. I currently have: config.setSecurityMode(SecurityMode.ifpossible);

I am sorry I cannot help you with that because I am still looking for the solution.

[eadrwlo]

So, Do you know, how it is possible our connection are not refused if we do not meet the below criteria(from FCM docs)??

The connection has two important requirements:

• You must initiate a Transport Layer Security (TLS) connection. Note that FCM doesn't currently support the STARTTLS extension.

[eadrwlo]

I just noticed that if I connect to port 5235 (Production) packet goes over TLS. In other case If I use port 5236 (testing) packet are seen in TCP format. I have monitored it in the Wireshark. Moreover paramater SecurityMode.disabled or SecurityMode.ifpossible do not have any impact on this. Only if this param is set to SecurityMode.required I get this Exception (described in first post) and then probably server try to perform this STARTTLS procedure which is not supported. I suppose config.setSocketFactory(SSLSocketFactory.getDefault()); with the secure port 5235 do the job and handshake TLS is performed after XMPP initial stanzas exchange.