On Monday, November 04 2013, Justin T. Pryzby wrote:
> If you mean in C2S: <id require-starttls='1'>.
>
> You can also set <ssl-port>5223</ssl-port>, which will naturally
> reject anything that's not valid SSL (different from xmpp+starttls).
Also, if you want to allow *only* encrypted connections between
server-to-server, you will want to look at your s2s.xml, and uncomment
<require_tls/>:
<security>
<!-- Require TLS secured S2S connections -->
<!--
<require_tls/>
-->
Don't forget to uncomment the <pemfile>...<pemfile/> tags as well.
--
Sergio
