Knowledge Doc: SMTP configuration in Network Automation without TLS certificate

0 Likes

How to bypass TLS certificate for TLS and SSL port, while configuring SNMP in Network Automation.

Environment

Network Automation 23.4
Linux

Situation

User's system is integrated with an exchange online mail server and need to configure SNMP as mailing service, here is the steps to use for ignoring the requirement of TLS certificate in Network Automation Platform.

Resolution

User need to add the following line tin adjustable_options.rcx:

email/certificate/clientCertOptional to true

in adjustable_options.rcx.
 

Also in appserver-config.xml , users will have to add this flag 

verify-client="NOT_REQUESTED"  
 

The related context in appserver-config.xml is here :         

                    

                    <server name="default-server">

                <http-listener max-post-size="${na.web.server.maxPostSize:4294967296}" socket-binding="http" max-parameters="${na.web.server.maxParameters:200000}" redirect-socket="https" name="default" enable-http2="true"/>

                <http-listener max-post-size="${na.web.server.maxPostSize:4294967296}" socket-binding="httpremotingbinding" max-parameters="${na.web.server.maxParameters:200000}" name="remotinghttpslistener" enable-http2="true"/>

                <https-listener enabled-protocols="${na.web.server.tls.protocols:TLSv1.2}" max-post-size="${na.web.server.maxPostSize:4294967296}" socket-binding="https" max-parameters="${na.web.server.maxParameters:200000}" name="https" security-realm="ApplicationRealm" enabled-cipher-suites="${na.web.server.tls.ciphers:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256}"

                enable-http2="true" verify-client="NOT_REQUESTED"/>

Only the highlighted codes have to be added.

Next step is to import exchange certificate in Network Automation server.

Then need to install hotfix. Please contact support to get hotfix for this issue.

Knowledge article

Labels:

Knowledge Docs
Comment List
Related
Recommended