Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Interests
See all
Community resources
Top groups
Explore all groups
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Get started Tell me more
Atlassian Community about banner
4,558,367
Community Members
 
Community Events
184
Community Groups

Crowd - Mail config error - "unable to find valid certification path to requested target"

Andrew Khoury
Andrew Khoury Dec 01, 2013

I'm trying to configure Crowd for outbound mail (AWS SES, email-smtp.us-east-1.amazonaws.com which is available through ports 25, 465 or 587).

I configured SMTP with login credentials (via Crowd console).

I verified connectivity and authentication at the command line, via "openssl s_client -crlf -quiet -starttls smtp -connect email-smtp.us-east-1.amazonaws.com:587".

I cannot send mail. Here are the errors in Crowd when I try ...

With port 587 configured:
Unrecognized SSL message, plaintext connection?

With port 465 configured:
unable to find valid certification path to requested target

After reading up online I tried importing the certificate via "keytool -import", which I verified via "openssl x509 -fingerprint" and "keytool -list -keystore". It all looks good however I'm still getting the unable to find valid certificate file error.

I read up on the following (but have NOT tried it yet):
-Djavax.net.ssl.trustStore=trustStore
Crowd is version: 2.6.5 (Build:#607 - 14-08-2013)
I'm not sure if I'm on the right path, or misssing something. Can somebody help point me in the right direction? Is there any more information I need to provide?

In an effort to make sure this isn't a configuration issue or connectivity issue here are some further tests...

Port 25 (Use SSL NOT selected):

Could not send email to email@mail.com. Reason:220 Ready to start TLS

Port 25 (Use SSL selected):

Caused by: javax.mail.MessagingException: Could not connect to SMTP host: email-smtp.us-east-1.amazonaws.com, port: 25;
nested exception is:
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?

Port 10 (Use SSL selected):

...AFTER A LONG WAIT...

Caused by: javax.mail.MessagingException: Could not connect to SMTP host: email-smtp.us-east-1.amazonaws.com, port: 10;
nested exception is:
java.net.ConnectException: Connection timed out

Answer
Watch
Like Be the first to like this
502 views

2 answers

1 accepted

0 votes
Answer accepted
Andrew Khoury
Andrew Khoury Dec 02, 2013

After looking further into the issue I decided to give "-Djavax.net.ssl.trustStore=trustStore" a shot.

I pointed the trust store to my cacerts folder (that's where I had already imported my mail certificate), restarted crowd and was able to send mail without errors.

There error message was kind of pointing to this as the problem, though it wasn't clear to me that it wasn't already looking at the global cacerts.

Reply
0 votes
Caspar Krieger
Caspar Krieger
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Dec 02, 2013

Unfortunately I'm not familiar with Amazon's SES offering; if you don't get any helpful responses here you may want to raise a support request for Crowd so our friendly support team can help you troubleshoot.

Reply

Suggest an answer

Log in or Sign up to answer
Crowd
Crowd
TAGS
AUG Leaders

Atlassian Community Events

See all events