IT Process Automation

 View Only
  • 1.  Does PAM Mail Triggers support secure imap on port 993?

    Posted Apr 17, 2017 04:05 PM

    Due to security regulations we require TLS 1.2 and Port 993 for IMAP to even be considered. Does PAM support this?



  • 2.  Re: Does PAM Mail Triggers support secure imap on port 993?
    Best Answer

    Broadcom Employee
    Posted Apr 17, 2017 04:20 PM

    IMAP-SSL is supported, please see:

    Email Operators - CA Process Automation - 4.3.1 - CA Technologies Documentation 

    As for TLSv1.2 communication, this can quickly go down a rabbit hole, however for simply allowing Process Automation to communicate to another application or API that is restricted to accepting only TLSv1.2 protocol communications you will need to do two things:

    1. Upgrade the JDK on the orchestrator to 1.7 update 95 or any 1.8 JDK before update 91. Only Proc Auto 4.3.x supports Java 8, so if this is a 4.2.x installation you can only upgrade to 1.7 update 95.

    Make sure to uninstall any previous version of Java.

    When you have the new version installed, modify the c2osvcw.conf file (lines 5 and 8) to update the Java path. 

    2. At the bottom of the c2osvcw.conf file, add the following Java argument:

    wrapper.java.additional.14=-Djdk.tls.client.protocols=TLSv1.2

     

    Make sure the numeric increment is correct (.13, .14, .15) and make sure to include the "-" before the 'D'.

     

    The rest of the rabbit hole is - if it is only the IMAP communication that requires TLSv1.2 but other applications (such as EEM and anything else) require other protocols, you will need to include those as well. The argument will need to then be any of the following:

    wrapper.java.additional.14=-Djdk.tls.client.protocols=SSLv3,TLSv1.1,TLSv1.2
    wrapper.java.additional.14=-Djdk.tls.client.protocols=TLSv1,TLSv1.1,TLSv1.2

    wrapper.java.additional.14=-Djdk.tls.client.protocols=SSLv3,TLSv1,TLSv1.1,TLSv1.2

     

    Double check with your other appllications. EEM at this time requires TLSv1.1, but you may have other applications that require 1.0 (listed as TLSv1) or even SSLv3

     

    ~Jennifer Jessup



  • 3.  Re: Does PAM Mail Triggers support secure imap on port 993?

    Broadcom Employee
    Posted Apr 17, 2017 04:21 PM

    There is more to the rabbit hole, but unless you are restricting all communications within your network to only the TLSv1.2 protocol, let's not head to deep into it



  • 4.  Re: Does PAM Mail Triggers support secure imap on port 993?

    Posted May 11, 2017 10:05 AM

    Thanks Jen, 

     

    I was able to get IMAP access and verified that the steps above were applied and am running into the following error in my log:

    2017-05-11 10:02:57,673 ERROR [com.optinuity.c2o.wsd.trigger.smtp.SMTPMailClientService] [ service thread] Connection to mail server failed 6 time, polling mail server is stopped. Update trigger properties after fixing the problem to resume trigger functionality

     

    And when i decided to try to connect via an operator to do a count of messages of the inbox i get the following:

    2017-05-11 10:18:08,315 ERROR [STDERR] [111.6.20-8443-2] setFieldValue: java.lang.IllegalArgumentException: java.lang.ClassCastException@9820558 on mxGeometry.points (List) = {} (HashMap)
    2017-05-11 10:18:08,315 ERROR [STDERR] [111.6.20-8443-2] setFieldValue: java.lang.IllegalArgumentException: java.lang.ClassCastException@52cc73a5 on mxGeometry.points (List) = {=com.mxgraph.util.mxPoint[380.0, 370.0]} (HashMap)
    2017-05-11 10:18:39,019 ERROR [com.optinuity.c2o.service.serviceoperation.mailserviceoperation.RunnerGetMessageCountServiceOperation] [63-d9e669771703] Could not connect to the Mail Server ;
    nested exception is:
    java.io.IOException
    java.lang.Exception: Could not connect to the Mail Server ;
    nested exception is:
    java.io.IOException
    at com.optinuity.c2o.service.serviceoperation.mailserviceoperation.MailWrapper.initializeMailStoreConnection(MailWrapper.java:982)
    at com.optinuity.c2o.service.serviceoperation.mailserviceoperation.MailWrapper.getMessageCount(MailWrapper.java:459)
    at com.optinuity.c2o.service.serviceoperation.mailserviceoperation.RunnerGetMessageCountServiceOperation.processRequestedOperation(RunnerGetMessageCountServiceOperation.java:152)
    at com.optinuity.c2o.service.serviceoperation.mailserviceoperation.RunnerGetMessageCountServiceOperation.run(RunnerGetMessageCountServiceOperation.java:60)
    at java.lang.Thread.run(Thread.java:745)



  • 5.  RE: Re: Does PAM Mail Triggers support secure imap on port 993?

    Posted Jul 30, 2019 01:46 PM
    Hi,
    I have the same error with mail trigger: ERROR [com.optinuity.c2o.wsd.trigger.smtp.SMTPMailClientService] [ service thread] Connection to mail server failed 6 time, polling mail server is stopped. Update trigger properties after fixing the problem to resume trigger functionality

    Could you solve the problem?

    Regards,
    Fabio.