This implementation works well but it didn't work on older API levels.
While Android added improved keystore support in KitKat (4.0) IIRC, it's not really an issue of the Android API level, but, as said before, you need to provide an SSLContext that suits your needs. If you don't, then aSmack will use the System default SSLContext (which may be different between Android API levels).