Teltonika Protocol Encryption

Teltonika devices can talk to server which has TLS/DTLS enabled.
You can see it in https://wiki.teltonika-sas.com/view/TMT250_GPRS_settings in section Server Settings.

Is Traccar capable of having a TLS layer enabled for the Teltonika protocol?

I don't think so, but also I don't see any details.

Maybe there is more information here:
https://wiki.teltonika-gps.com/view/FMC130_GPRS_settings#TLS/DTLS

Would also be interested - but Im wondering in which scenario this is needed

It just says TLS/DTLS, but it doesn't provide any details. Like, for example, which algorithms the device is using.

I would rather suggest to use different tool to get TLS instead of implementing it in traccar project. You can try to use nginx open source and make a proxy of TCP socket:
https://docs.nginx.com/nginx/admin-guide/security-controls/securing-tcp-traffic-upstream/

here's my nginx rproxy configuration (if it helps anyone..):

upstream gps_teltonika_backend {
        server 192.168.1.5:5027;
}

server {
        listen 5027 ssl;
        proxy_pass gps_teltonika_backend;        

        #teltonika sadly does only support TLSv1.1
        ssl_protocols   TLSv1.1 TLSv1.2 TLSv1.3;

        ssl_certificate /etc/letsencrypt/live/traccar.example.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/traccar.example.com/privkey.pem;
        ssl_trusted_certificate /etc/letsencrypt/live/traccar.example.com/chain.pem;
}

for this, you only have to download the traccar ssl certificate out of the webbrowser and upload it onto the device

Thanks David, this is helped a lot.

David, what cert have to import on teltonika device in that case? The X1 root cert? The R3 intermediate? The full chain? This is not good with LE, because every 2 month the cert changing.

Let me answer my own question.
The ROOT cert (currently the X1) is enough (as normally in any other clients). Works fine.