How secure? running openfire as localhost

Hello
I set up openfire on the same host nextcloud is running. People must connect to nextcloud using https. Does this mean that ojsxc communication is secure too if openfire is on the same host?

Or do I have to use ssl/tls anyway, to make ojsxc secure?

Any hint is welcome!

Kind regards, go4ncloud

Depends on your config. If you use a proxy (e.g. yournextcloud.com/http-bind/ --> localhost/http-bind) than you don’t need to configure tls for your openfire server. You find more information in our wiki https://github.com/jsxc/jsxc/wiki/Prepare-apache