Some of the IP servers in Diafaan SMS Server, like the HTTP server in the Web Connector and the SMPP server in the SMPP Connector, offer support for encrypted SSL connections. The IP servers in Diafaan SMS Server can use an X509 (OpenSSL) certificate that is stored in a password protected .pfx file. For optimal security and compatibility the certificate must be signed by a trusted root certificate authority and be set to the name of the host name or IP address of the server where Diafaan SMS Server is installed. But it is also possible to use a self-signed certificate if the SSL clients will accept them, however some SSL clients only accept connections to properly signed certificates with a perfect host name match.
Diafaan SMS Server can be used to generate a self-signed certificate for test purposes or when encryption without secure server identification is sufficient. To create the certificate file select menu options Help-Create SSL certificate, fill in the Host name or IP address and the password of the certificate file and select Save to create the certificate file.
You can fill in multiple DNS names and/or IP addresses in the first field (separated by comma's) if the server can be accessed by more than one DNS name or IP address.
To enable encryption, the certificate file has to be added to the connector. In the example below there are two properties that must be set in the advanced settings of the SMPP Connector: SSLCertificate and SSLCertificatePassword:
The SSLCertificate property is set to full path and file name of the certificate file. Since this file is password protected, the SSLCertificatePassword must also be set.
When the certificate is installed correctly the connector now accepts only secure connections from clients.