To authenticate users we use the global catalog server of AD, which is just an AD LDAP server on port 3268 instead of the standard 369. In Openfire 3.3.3 we could use the port 3269 (offers secure connection to the GC as port 636 does to the standard LDAP) to securley transmit passwords between the Openfire server and the AD server. We just had to ensure that ldap.sslEnabled is set to true in openfire.xml.
With 3.4.0 Beta this is no more working. Just Port 3268 of the GC without encryption works, no matter what we tried in the configuration.
Can somebody confirm that or push me in the right direction how to safely transmit passwords?