| SSL Configuration |  Search
|
|
NowSMS Support Forums ⬆ NowSMS Support - SMS Issues ⬆ |
◄ ► |
| Author | Message | |||
| Aditya Chopra New member Username: Adifreaks86 Post Number: 11 Registered: 08-2020 |
Hi Team I am looking to test SSL/TLS 1.2 over SMPP through the NowSMS application, some of the customers connecting to my SMSC demand SSL over TLS 1.2, i wanted to test the same through NowSMS first and then ask those customers to connect to my SMSC. I have installed the signed certificate on load balancer of my SMSC against a sub-domain of my organisation. How can i send messages through NowSMS application over this sub-domain that i have registered so that it goes through secured port. Do I have to install the same certificate in the client application also? Or it is enough to do so on the LB of SMSC ? I can also see a SSL/TLS tab on NOWSMS application window what is the scenario in which that is used? | |||
| Des - NowSMS Support Board Administrator Username: Desosms Post Number: 6289 Registered: 08-2008 |
Hi, Generally speaking... If NowSMS is in a client (ESME) role, then when defining the SMPP connection, enable the "Use SSL" checkbox. If NowSMS is in a server (SMSC) role, then a certificate must be installed on the NowSMS server, and the "SSL/TLS" tab is used to generate a CSR (certificate signing request).
I'm not an expert on load balancers ... but in my experience, the load balancer does not decrypt SSL/TLS traffic, it forwards the traffic to one of the actual servers, and the SSL/TLS certificate is on the server (in this case server=SMSC). It is possible that a load balancer could implement/add SSL/TLS support to a server. In this case, the certificate would be installed on the load balancer, and the load balancer would decrypt the data before sending to the server/SMSC and encrypt data returned by the server/SMSC. Bottom line ... how this all works is specific to whatever load balancer you are using.
In the SMSC tab, when defining the SMPP connection in NowSMS, enable the "Use SSL" checkbox
Client applications generally do not require a certificate. There are specialized applications that make use of them, but this is not something we have seen for SMPP. (In these implementations, it would NOT be the SAME certificate. The client would have a different certificate.)
If NowSMS is in a server (SMSC) role, then a certificate must be installed on the NowSMS server, and the "SSL/TLS" tab is used to generate a CSR (certificate signing request). Regards, Des NowSMS Support | |||
| Aditya Chopra New member Username: Adifreaks86 Post Number: 12 Registered: 08-2020 |
Hi Team How can i send messages through NowSMS application over this sub-domain that i have registered so that it goes through secured port. In the server Host Name i have to type xyz.air.com or https://xyz.air.com instead of IP? | |||
| Des - NowSMS Support Board Administrator Username: Desosms Post Number: 6295 Registered: 08-2008 |
To avoid certificate errors or warnings, yes. An SSL certificate is usually issued to a host name. There are also wildcard certificates that can be issued to a domain name and be used with any host name within the domain name. But if you try to connect via IP address, browsers will return an error because the host name does not match ... the certificate knows nothing of IP addresses. (It is possible to tell the browser to accept the certificate anyway, so that it will not complain in future attempts. This may be acceptable in some environments.) Regards, Des NowSMS Support | |||
