|
Siebel Email Administration Guide > Configuring Communications Drivers and Profiles for Email > Process of Setting Up Communications Driver Profiles >
Enabling Cryptographic Protocols for Communications Drivers
Cryptographic protocols include SSL (Secure Sockets Layer) or TLS (Transport Layer Security). To configure cryptographic protocols for communications drivers and for communication between servers, complete the following procedures:
NOTE: You must use strong encryption if encryption is based on 128 bits or more. For more information about strong encryption, see Siebel Security Guide.
This task is a step in Process of Setting Up Communications Driver Profiles. Enabling SSL or TLS Connection for Communications Drivers
The procedure in this topic describes how to enable SSL or TLS connection for communications drivers. In this procedure, you define parameters that relate to the communications drivers. When you define the parameters, including SMTP Account Name and SMTP Account Password, an attempt is made to execute the AUTH LOGIN command at the start of the SMTP session. If the AUTH LOGIN command fails, then the session is terminated, a log file error message is generated, and the message is not sent. This occurrence is not a permanent fatal error for the driver, so the existing retry logic for Communications Outbound Manager applies, and another attempt is made to send the message at a later date. NOTE: The functionality for the parameters to enable TLS is provided in Accelerated Delivery Request (ADR) 569. To implement this functionality, you must install the required patch and perform postinstallation tasks. To implement this ADR, which is included in Siebel Fix Pack 8.1.1.8, see the applicable Siebel Maintenance Release Guide on My Oracle Support.
To enable SSL or TLS connection for communications drivers
- Navigate to the Administration - Communications screen, then the Communications Drivers and Profiles view.
- In the Communications Drivers list, select Internet SMTP/POP3 Server or Internet SMTP/IMAP Server.
- Click the Driver Parameters view tab, and complete the fields in the following table.
|
|
Enable SSL for IMAP |
If you select Internet SMTP/IMAP Server in Step 2, then type a value of True to enable SSL. |
Enable SSL for POP3 |
If you select Internet SMTP/POP3 Server in Step 2, then type a value of True to enable SSL. |
Enable SSL for SMTP |
Type a value of True to enable SSL. |
Enable TLS for IMAP |
If you select Internet SMTP/IMAP Server in Step 2, then type a value of True to enable TLS. |
Enable TLS for POP3 |
If you select Internet SMTP/POP3 Server in Step 2, then type a value of True to enable TLS. |
Enable TLS for SMTP |
Type a value of True to enable TLS. |
IMAP Server Port |
If you select Internet SMTP/IMAP Server in Step 2, then change the IMAP port to 993 for secure SSL or TLS connections. Change the IMAP port to 143 (or your email server port for IMAP) for nonsecure connections. Nonsecure connections are not recommended. The email server uses its self-signed preconfigured certificates. The default value for this port is 143. |
POP3 Server Port |
If you select Internet SMTP/POP3 Server in Step 2, then change the POP3 port to 995 for secure SSL or TLS connections. Change the POP3 port to 110 (or your email server port for POP3) for nonsecure connections. Nonsecure connections are not recommended. The email server uses its self-signed preconfigured certificates. The default value for this port is 110. |
SMTP Account Name |
Type the value for the SMTP account name. |
SMTP Account Password |
Type the value for the SMTP account password. |
SMTP Backup Account Name |
Type the account name for the backup SMTP interface that requires user authentication. |
SMTP Backup Account Password |
Type the account password for the backup SMTP interface that requires user authentication. |
SMTP Server Port |
Change the SMTP port to 465 for secure SSL or TLS connections. Change the SMTP port to 25 (or your email server port for SMTP) for nonsecure connections. Nonsecure connections are not recommended. The email server uses its self-signed preconfigured certificates. The default value for this port is 25. |
Setting Server Parameters for SSL or TLS
To ensure secure transactions between the Siebel Server and the email server, it is highly recommended that you set the SSL (Secure Sockets Layer) or TLS (Transport Layer Security) server parameters in the procedure in this topic. This procedure describes how to set these server parameters to enable cryptographic authentication. After completing this procedure, restart the Siebel server to implement the parameter changes. For more information about the parameters for SSL and TLS, see the Siebel Installation Guide for the operating system you are using and the topics in Siebel Security Guide about configuring encryption for Siebel Enterprise or Siebel Server. To set the SSL or TLS server parameters
- Navigate to the Administration - Server Configuration screen, then the Servers view.
- In the Servers list, select the Siebel Server.
- Click the Parameters view tab.
- Set the SSL or TLS parameters in the following table.
|
|
CA certificate file name |
Type the URL to the Cryptographic Authentication (CA) certificate file. You must set this value to enable CA of email messages. An example of this URL is d:\siebel\admin\cacertfile.pem. |
Certificate file name |
Type the URL to the certificate file. |
Peer Authentication |
Type a value of True. This parameter enables Cryptographic Authentication. NOTE: To enable authentication, you must at a minimum set the CACertFileName and PeerAuth parameters.
|
Private key file name |
Type the URL to the key file. |
Private key file password |
Type the password of the key file. |
Validate peer certificate |
Type a value of False. This parameter enables authentication of the certification files. |
|
