Message Delivery Component configuration
The MDC Configuration Utility writes to an XML configuration file named MDCConfig.xml in the %PROGRAMFILES%\VASCO\IDENTIKEY Authentication Server\bin (Windows) or /etc/vasco/ias (Linux) folder, respectively. It is possible to edit this file directly instead of using the MDC Configuration Utility.
The configuration file is UTF-8 encoded. Do not add characters that are not UTF-8 encoded to the configuration file, or it will not load.
The following tables list the elements in the configuration file, their default values, and a brief explanation of each.
If your organization is impacted by the General Data Protection Regulation (GDPR), note that the SEAL protocol used for communication with OneSpan Authentication Server must be SSL enabled in the MDC Configuration Utility to be GDPR-compliant.
If the Email Delivery option is selected, ensure that the gateway server is configured to use SSL and TLS encryption.
For more information about GDPR, refer to the OneSpan Authentication Server General Data Protection Regulation Compliance Guide.
Element name | Data type | Default value | Description |
---|---|---|---|
Tracing | |||
Trace-Header | unsigned integer | 15 | |
Trace-Mask | unsigned integer | 0x00000000 | |
Trace-File | string | oas_installation_directory\log\mdc.trace | |
Trace-Rotate | boolean | false | |
Trace-Rotate-Count | unsigned integer | 7 | |
Trace-Rotate-Type | string | days | |
Trace-Rotate-Days | unsigned integer | 1 | |
Trace-Rotate-Size | string | 1024MB | |
Trace-Compress | boolean | false | |
MDC-Server | |||
MDC-IP | string | 127.0.0.1 | IP address of the local machine to use. |
MDC-Port | unsigned integer | 20007 | Port to listen on for incoming communication. |
MDC-Request-Timeout | unsigned integer | 20 | Timeout for requests sent to the Message Delivery Component (default: 20 seconds). This timeout should be longer than the communication timeouts configured within the gateway settings of MDC. |
MDC-TaskManager | |||
Max-Workers | unsigned integer | 30 | Maximum number of concurrent Virtual Mobile Authenticator requests allowable. |
SSL | |||
Enabled | boolean | False | Enable or disable SSL. |
Cert-File | string | %PROGRAMFILES%\VASCO\IDENTIKEY Authentication Server\bin\ikey_mdc_cert.pem | The certificate file to use for SSL communication for the MDC server. |
Cert-Pass | string | encrypted-value | Password for the private key that is included in the certificate file (Cert-File). |
CA-File | string | <blank> | The certificate authority file to use for SSL communication. |
Client-Auth-Method | string | never | Controls if or when an SSL client certificate is required. |
Reverify-Client-On-Reconnect | boolean | false | Controls whether or not the client should be re-verified upon negotiation. |
Supported-Cipher-Suite | string | VERY_HIGH | The SSL cipher suite security level to be used. |
Email-Servers, SMS-Servers, Voice-Servers, PushNotification-Servers | |||
Enabled | boolean | false | Enable or disable delivery of Virtual Mobile Authenticator messages. |
Failover | boolean | true | Enable or disable failover to a backup gateway if the primary is unavailable. |
Failback | boolean | true | Enable or disable failback to a backup gateway if the primary is unavailable. |
Load Balancing | boolean | true | Enable or disable load-balancing between gateways. |
Table: Message Delivery Component – Proxy settings for SMS and voice servers enumerates the different proxy settings used in the Message Delivery Component configuration file (nested directly under each SMS-Servers and Voice-Servers node).
The settings for each gateway are defined in an MDC profile. Each MDC profile is represented by either of the following nodes:
- HTTPServerX. For SMS servers, voice servers, and push notification gateways (SMS-Servers, Voice-Servers, and PushNotification-Servers).
- SMTPServerX. For email servers (Email-Servers node).
where X is a number differentiating one MDC profile/gateway definition from another. These nodes are nested under a ServerList node under each Email-Servers, SMS-Servers, Voice-Servers, or PushNotification-Servers node.
Element name | Data type | Default value | Description |
---|---|---|---|
ServerList | | | A list of gateways to use for the respective message type. |
ProfileName | string | <blank> | The MDC profile name. |
Description | string | gateway_display_name | This is an informational field, naming or describing the HTTP gateway. It can be set to provide a description for a particular service, but is ignored by the MDC service. |
Enabled | boolean | false | |
Backup | boolean | false | Whether this SMS gateway should be considered a backup option (used in failover only). |
URL | string | | Required parameter. Sets the URL to the HTTP gateway. The address should not contain any variables, but should contain the protocol identifier. Note: The protocol identifier of “https://” can be used to SSL-encrypt the link between the MDC service and the HTTP gateway. In this case it is required to specify a filename where the server certificates can be found. |
Protocol | string | http | SMS HTTP gateway. The protocol to use to connect to the SMS gateway when Add HTTP Gateway is selected. |
Protocol | string | smpp | SMS SMPP gateway. The protocol to use to connect to the SMS gateway when Add SMPP Gateway is selected. |
Protocol | string | http | Voice gateway. The protocol to use to connect to the voice gateway. |
Protocol | string | smtp | Email server gateway. The protocol to use to connect to the e-mail server gateway. |
Protocol | string | https | Push notification gateway. The protocol to use to connect to the push notification gateway. |
Username | string | <blank> | The user name that the MDC service should use for sending messages via this gateway. The given value will be used as content for the variable [acc_User] in the query string. For e-mail requests: Only required where the Enable-Auth setting is set to true. |
Password | string | encrypted-value | The password that the MDC service should use for sending messages via this gateway. The given value will be used as content for the variable [acc_pwd] in the query string. For e-mail requests: Only required where the Enable-Auth setting is set to true. |
Port | unsigned integer | 80 | SMS HTTP gateway. Server port to send (http) requests through. |
Port | unsigned integer | 2775 | SMS SMPP gateway. Server port to send (smpp) requests through. |
Port | unsigned integer | 25 | Email server gateway. Server port to send e-mail requests through. |
Port | unsigned integer | 443 | Push notification gateway. Server port to send push notification requests through. |
PoolSize | unsigned integer | 10 | Number of unsent SMS messages to queue. |
Timeout | unsigned integer | 5 | SMS and voice servers. The amount of time to wait for a response from the SMS and voice server gateways. |
Timeout | unsigned integer | 20 | Email server gateway. The amount of time to wait for a response from the email server gateway. |
Priority | unsigned integer | 1 | When allocating connections, the connections with lower priority numbers are selected first to be used as the MDC gateway. |
Weight | unsigned integer | 1 | The load-balanced gateway selection mode allocates connections from the nodes based on set priorities. Within a given priority, nodes are selected randomly by node weight. Nodes with greater weight are more likely to be selected than those with less weight. |
HTTPQuery | string | | Required parameter. Defines the query string which will be submitted to the http server, either using POST or GET (as specified by HTTPMethod). This string must contain all required variables that are expected by the HTTP gateway. The default value and applicable variables depend on the used gateway. For a list of pre-defined variables, see Table: Message Delivery Component – HTTP gateway query string variables. |
HTTPMethod | string | GET | Designates either the GET or POST method for use in transferring account and message data to the HTTP/HTTPS gateway after creating an SMS http gateway or a voice gateway. Accepted values: |
PhonePrefix | string | <blank> | Voice server gateway setting. The phone number prefix to be added in front of the phone number as provided by OneSpan Authentication Server before communication with the voice gateway. |
Enable-Auth | boolean | false | E-mail gateway setting. This setting flags whether a user name and password must be used by the MDC service to authenticate itself with the mail server. Whether this is required will depend on the configuration of the mail server. |
From-Address | string | <blank> | E-mail gateway setting. The text to display in each Virtual Mobile Authenticator email's 'From-Address' field. |
Subject | string | <blank> | E-mail gateway setting. The text to display in each Virtual Mobile Authenticator e-mail's 'Subject' field. |
Element name | Data type | Default value | Description |
---|---|---|---|
SMPP Settings | |||
SystemType | string | <blank> | This parameter is used to categorize the type of SMPP client that is binding to the SMPP server. It may be used to categorize the system, for instance "EMAIL", "WWW" etc. |
MessageMode | string | Datagram | The SMPP Message Mode option, if supported on the SMPP server, allows an SMPP client to select the SMPP server message delivery mechanism. In Datagram Message Mode, typical SMPP server functions such as scheduled or registered delivery do not apply. Datagram Message Mode is designed for high throughput applications. |
PriorityFlag | unsigned integer | 1 | This parameter allows the originating SMPP client to assign a priority level to the short message. |
PrivacyIndicator | string | <blank> | The privacy indicator indicates the privacy level of the message. |
SourceAddress | string | <blank> | Defines the address which originated the message. The source address is taken from the destination address of the original short message that generated the delivery receipt. |
DestinationAddress | string | <blank> | Defines the destination address. The destination address is taken from the source address of the original short message that generated the delivery receipt. |
Numeric Plan Indicator (NPI) | string | Unknown | Defines the NPI to be used in the source and destination address parameters for the SMPP client. For all defined NPI values, see Table: Message Delivery Component - SMPP server settings (Defined NPI values). |
Type of Number (TON) | string | Unknown | Defines the TON to be used in the source and destination address parameters for the SMPP client. For all defined TON values, see Table: Message Delivery Component – SMPP server settings (Defined TON values). |
SMPP Timeout Settings | |||
TransactionTimeout | unsigned integer | 10 | Specifies the time lapse allowed between an SMPP request and the corresponding SMPP response. |
InactivityTimeout | unsigned integer | 300 | Specifies the maximum time lapse allowed between transactions, i.e. it specifies the maximum period of time after which, if no SMPP messages are exchanged, the SMPP session may be dropped. |
EnquireLinkTimeout | unsigned integer | 10 | Specifies the time lapse allowed between operations after which an SMPP client or server should interrogate whether its peer still has an active session. An enquire-link request will be initiated when this timeout expires. |
Each HTTPServerX node includes a Results node, which lists possible results returned from the gateway and the corresponding message to send back. Each possible result is represented by a ResultX node. Table: Message Delivery Component gateway settings – Results lists the attributes of each ResultX node.
Each HTTPServerX, SMPPServerX, or SMTPServerX node nests an SSL node, which defines the SSL settings (see Table: Message Delivery Component gateway settings – SSL).
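The following is an added example, not part of the OneSpan documentation or product. It audits an MDCConfig.xml for the transport settings described in the tables above: the listener's SSL and Client-Auth-Method values, and HTTP gateway profiles that use a non-https URL or send [acc_pwd] with the GET method. It assumes a root element named MDCConfig and values stored as element text; the sample file and host names are constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample. Assumptions: root element name, values stored as element text.
SAMPLE = """<MDCConfig>
 <MDC-Server><MDC-IP>0.0.0.0</MDC-IP><MDC-Port>20007</MDC-Port></MDC-Server>
 <SSL><Enabled>False</Enabled><Client-Auth-Method>never</Client-Auth-Method></SSL>
 <SMS-Servers><Enabled>true</Enabled><ServerList>
  <HTTPServer1><ProfileName>sms-a</ProfileName><Enabled>true</Enabled>
   <URL>http://sms.example.test/send</URL><HTTPMethod>GET</HTTPMethod>
   <HTTPQuery>u=[acc_User]&amp;p=[acc_pwd]</HTTPQuery></HTTPServer1>
  <HTTPServer2><ProfileName>sms-b</ProfileName><Enabled>true</Enabled>
   <URL>https://sms.example.test/send</URL><HTTPMethod>POST</HTTPMethod>
   <HTTPQuery>u=[acc_User]&amp;p=[acc_pwd]</HTTPQuery></HTTPServer2>
 </ServerList></SMS-Servers>
</MDCConfig>"""

# Sections whose ServerList holds HTTPServerX profiles (Email-Servers uses SMTPServerX).
SECTIONS = ("SMS-Servers", "Voice-Servers", "PushNotification-Servers")

def val(node, name, default):
    """Text of child element `name`, or the documented default if absent or empty."""
    el = node.find(name) if node is not None else None
    return el.text.strip() if el is not None and el.text else default

def audit(xml_text):
    """Return (scope, issue) pairs for transport-security weaknesses."""
    root, out = ET.fromstring(xml_text), []
    ssl = root.find("SSL")
    if val(ssl, "Enabled", "False").lower() != "true":
        out.append(("listener", "ssl-disabled"))
        if val(root.find("MDC-Server"), "MDC-IP", "127.0.0.1") != "127.0.0.1":
            out.append(("listener", "non-loopback-without-ssl"))
    elif val(ssl, "Client-Auth-Method", "never") == "never":
        out.append(("listener", "no-client-certificate"))
    for section in SECTIONS:
        for gw in root.findall(f"{section}/ServerList/*"):
            enabled = val(gw, "Enabled", "false").lower() == "true"
            if not (gw.tag.startswith("HTTPServer") and enabled):
                continue
            name = val(gw, "ProfileName", gw.tag)
            if not val(gw, "URL", "").lower().startswith("https://"):
                out.append((name, "gateway-link-unencrypted"))
            # With GET the query string, password included, is part of the request URL.
            if ("[acc_pwd]" in val(gw, "HTTPQuery", "")
                    and val(gw, "HTTPMethod", "GET").upper() == "GET"):
                out.append((name, "password-in-get-url"))
    return out

if __name__ == "__main__":
    for scope, issue in audit(SAMPLE):
        print(f"{scope}: {issue}")
```

Missing elements fall back to the defaults listed in the tables, so a profile that omits HTTPMethod is evaluated as GET.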