Currently running SM 16.3.6705.

 

Is there any way to force XMPP connections to use TLS?  In other words, don't allow the session to establish unless it's secure?

I bound our certificate to the XMPP port (5222) in the SM Bindings section, but clients are still able to connect if TLS is turned OFF at the client's side. 

 

We plan to offer XMPP to some corporate clients who mandate TLS on chat connections for regulatory reasons.  There is no way to lock users out of the settings in the (IOS mobile device) client software being used, so the server needs to refuse to establish the session if a device tries to connect without TLS enabled.

 

Any ideas?