We currently use an SMPP connection on port 8100, we have had a requirement from our provider to transfer to an encrypted connection which would be TLS 1.1 (or higher) on port 8143.
How best to accomplish this? Will modifying the MX rules to use TLS and changing the port be enough or will there need to be some server side modification?
Thanks in advance
It's not a straightforward process.
Can you check if your customer is on version 6.1.0? if yes then you need to upgrade to build 8192 at least to use TLS1.1
Adobe Campaign technical support can provide you the stack trace and in stack trace look for protocol versions, whether it's TLS v1.0 or TLS v1.1? If yes, you can simply change the MX management rules and it will work for you.
If you have access to serverConf.xml configuration file, then you can check the configurations if it's which is applied. If not configure it by installing the proper SSL certificate and allowing following configurations on the server.
SSLProtocol: all -SSLv3 -TLSv1 -TLSv1.1
Docs for TLS and SSL:
or simply raise a neolane support ticket to enable TLS 1.1 and if possible TLS1.2 as in future everyone is moving towards 1.2(at the moment not possible with Adobe campaign??)
Hi Vipul Raghav & Alistair,
I have reached out to my team and just to confirm how did they enabled it, You are correct Tech support will not be able to enable this for you. In our case, it was Adobe Consulting/Engineering team as they have access to SMPPConnector.java and smpp34.jsp.
we had to involve our Account manager and pay for this separately to enable this.
For Adobe hosted customers we currently don't have this option. An improvement is in pipeline to enable the SMS connector to work with encrypted channels but it is with the product management.
At the moment, unfortunately, you cannot make the communication SSL based.
If the instance was on-prem few customers make use of VPN tunneling but it is not supported by tech-ops.
Very little I'm afraid, as I understand Adobe will be pushing out a fix to all classic users to enable TLS around August/September but obviously that is some time away yet.
I've escalated the issue and Adobe proposed solution to my PM and am now awaiting further feedback. I suspect we will either source some Adobe engineering resource or see if we can postpone the TLS requirement until the Adobe release.
Tech Ops seem to think that TLS is not an option? They have a link to this thread with your advice on the SSL Certificate configuration but have come back with the following;
"As per them TLS is not supported for SMPP. It is the way campaign is designed, that the SMPP connector does not support TLS."
Thoughts? As this is a fully hosted solution I'm slightly at the mercy of the Tech Ops team.
No, you need not do that as this is a part of the process while setting up theTLS1.1 for SMPP connectors. If they don't do it(Maybe some support guys over neolane, forgets to do it), ask them to do it for you as they will be able to troubleshoot the test connection(something doesn't go as planned) as they will have access to stack trace at the server.
We are on v7, 8857 and have no access to the serverconf.xml. So I'll need to raise a ticket to support for this. Do we then need to apply the Default Configuration in the MX rules once this has been completed by support or will it just work once the new port has been applied to the external account?