OpenFire inherits all the suckiness of Java SSL too, so there's a bunch of problems you probably haven't experienced yet. My suggestion, along with biased @zash, is migrating to # ;)