Remedy - Email - Does the Remedy ARS Email engine support TLS (Transport Layer Security)?

Version 2
    Share This:

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    PRODUCT:

    Remedy AR System Server


    COMPONENT:

    AR System


    APPLIES TO:

    BMC Remedy AR System Server - Email Engine - 8.1.x and 9.x versions.



    QUESTION:

     
       Does the Remedy ARS Email engine support TLS (Transport Layer Security)? 
       
          


    ANSWER:

     

    To enable TLS support it is necessary to add some new options to the command line used to launch the Email Engine Java process.  There are different options for each mailbox protocol, please note that TLS is not supported for MAPI.

    The options for each protocol are:

    IMAP
    -Dmail.imap.starttls.enable=true
    -Dmail.imap.starttls.required=true


    POP3
    -Dmail.pop3.starttls.enable=true
    -Dmail.pop3.starttls.required=true

    SMTP
    -Dmail.smtp.starttls.enable=true
    -Dmail.smtp.starttls.required=true

     

      

    Setting the options on Unix servers

    Edit the emaild.sh file found in the AREmail directory, this is the shell script used to manage the Email Engine process.  Open the file with a text editor and find the line that sets the JAVA_OPTS variable - for example:
    JAVA_OPTS="-Xms256m -Xmx1024m"


    Add the required options within the quotes.  To enable TLS for both SMTP and IMAP you would change this line to:
    JAVA_OPTS="-Xms256m -Xmx1024m -Dmail.imap.starttls.enable=true -Dmail.imap.starttls.required=true -Dmail.smtp.starttls.enable=true -Dmail.smtp.starttls.required=true"

    Save the file and restart the Email Engine.

    Setting the options on Windows servers
    The Java options are set in the registry.


    Go to Start >Run >regedt32 to launch the Registry Editor
    Navigate to  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BMC Remedy Email Engine <my_server>\Parameters

    There will be a number of existing keys called JVM Option Number n, where n increments for each option.

    Select the Edit menu and choose New, String Value.
    Enter JVM Option Number x as the Value name - replacing x with the next number 
    Enter one of the TLS options as the Value data and click OK.

    Repeat this step to add the required number of new options.

    Then edit the JVM Option Count key value and set it to the total number of JVM Options - note that the options are numbered from 0 so this value will be one more that the highest JVM Option Number and that, if you have more than 10 options, the value is in hexadecimal.


    User-added image

    Restart the Email Engine service for the changes to take effect.

     


    Article Number:

    000015148


    Article Type:

    FAQ/Procedural



      Looking for additional information?    Search BMC Support  or  Browse Knowledge Articles