How to Configure the UCMDB Mail Server

  • KM03631617
  • 31-Mar-2020
  • 31-Mar-2020

Summary

How to configure the UCMDB Mail Server (SMTP)

Question

How to configure the UCMDB Mail Server using the Infrastructure Setting on UCMDB UI

Answer

  1. Configure UCMDB mail server
    1. In UCMDB, go to Administration > Infrastructure Settings > Mail Settings.
    2. Configure mail settings as described in the table below:

      Mail Setting Description
      Activate TLS/SSL connection

      If SMTP server requires secure connection via TLS/SSL then the value should be True, and make sure you proceed to 2. Configure UCMDB client to configure communication protocol. Else if SMTP server accepts non-secure connection, the value should be changed to False.

      SMTP server Enter the address of the SMTP server.
      SMTP server port Edit the SMTP server port. The default value is 25.
      The username of SMTP server

      Enter the user name of the primary SMTP server. If no authentication is required, leave this filed empty.

      The password of SMTP server Enter the password of the primary SMTP server. If no authentication is required, leave this filed empty.
      Email sender Enter the name to appear in reports that Universal CMDB sends.
      Sender editability Setting this value to True enables users to change the Email sender name inside the form that sends mail. Otherwise, leave its value as False.
    3. As a backup for the main SMTP server, you can provide information about an alternative server. Configure the following settings:

      Mail Setting Description
      Alternate SMTP server Enter the address of the alternate SMTP server.
      Alternate SMTP server port Enter the alternate SMTP server port.
      Alternate SMTP server username

      Enter the user name of the alternate SMTP server. If no authentication is required, leave this filed empty.

      Alternate SMTP server password Enter the password of the alternate SMTP server. If no authentication is required, leave this filed empty.

    Note: It is strongly recommended to set both the SMTP server and Alternate SMTP server. In case the SMTP server is not available, the alternative SMTP server will be used by the UCMDB server when sending emails.

  2. Configure UCMDB client

    Note This step is required only when Activate TLS/SSL connection is set to True.

    After configuring the mail server with a certificate, to benefit from secure communication and secure authentication option, you must transfer the certificate to UCMDB server truststores.

    1. Retrieve UCMDB JRE path.

      Example: C:\UCMDB\UCMDBServer\bin\jre

    2. Retrieve your certificate path.

      Example: C:\Users\Administrator.SMTP\Desktop\certs\Keypublic.pem (the file extension could be anything, not just pem)

    3. Retrieve UCMDB server truststore path.

      Examples: 

      C:\UCMDB\UCMDBServer\conf\security\server.truststore, or

      C:\UCMDB\UCMDBServer\conf\security\server-fips.truststore (for FIPS mode)

    4. Retrieve UCMDB JRE truststore path.

      Example: C:\UCMDB\UCMDBServer\bin\jre\lib\security\cacerts

    5. Navigate to the C:\UCMDB\UCMDBServer\bin\jre\bin folder, and open the command prompt.

    6. Run the following commands using keytool to import the certificate to UCMDB server truststore and UCMDB JRE truststore:

      Note Default truststore passwords are used in the following commands : changeit and hppass. If you configured a specific password for your truststore, just replace hppass or changeit with your password. Also, paths provided in the examples above are used. Make sure you replace them with your specific paths.

      Command for importing the certificate to UCMDB JRE truststore:

      keytool -import -file "C:\Users\Administrator.SMTP\Desktop\certs\Keypublic.pem" -keystore "C:\UCMDB\UCMDBServer\bin\jre\lib\security\cacerts" -alias "give certificate a name" -storepass changeit

      Command for importing the certificate to UCMDB server truststore:

      • For non-FIPS mode:

        keytool -import -file "C:\Users\Administrator.SMTP\Desktop\certs\Keypublic.pem" -keystore "C:\UCMDB\UCMDBServer\conf\security\server.truststore" -alias "give certificate a name" -storepass hppass
      • For FIPS mode:

        keytool -import -fle "C:\Users\Administrator.SMTP\Desktop\certs\Keypublic.pem" -keystore "C:\UCMDB\UCMDBServer\conf\security\server-fips.truststore" -alias "give certificate a name" -storetype PKCS12 -providername JsageJCE -storepass hppass