Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Crowd - Mail config error - "unable to find valid certification path to requested target"

I'm trying to configure Crowd for outbound mail (AWS SES, email-smtp.us-east-1.amazonaws.com which is available through ports 25, 465 or 587).

I configured SMTP with login credentials (via Crowd console).

I verified connectivity and authentication at the command line, via "openssl s_client -crlf -quiet -starttls smtp -connect email-smtp.us-east-1.amazonaws.com:587".

I cannot send mail. Here are the errors in Crowd when I try ...

With port 587 configured:
Unrecognized SSL message, plaintext connection?

With port 465 configured:
unable to find valid certification path to requested target

After reading up online I tried importing the certificate via "keytool -import", which I verified via "openssl x509 -fingerprint" and "keytool -list -keystore". It all looks good however I'm still getting the unable to find valid certificate file error.

I read up on the following (but have NOT tried it yet):
-Djavax.net.ssl.trustStore=trustStore
Crowd is version: 2.6.5 (Build:#607 - 14-08-2013)
I'm not sure if I'm on the right path, or misssing something. Can somebody help point me in the right direction? Is there any more information I need to provide?

In an effort to make sure this isn't a configuration issue or connectivity issue here are some further tests...

Port 25 (Use SSL NOT selected):

Could not send email to email@mail.com. Reason:220 Ready to start TLS

Port 25 (Use SSL selected):

Caused by: javax.mail.MessagingException: Could not connect to SMTP host: email-smtp.us-east-1.amazonaws.com, port: 25;
nested exception is:
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?

Port 10 (Use SSL selected):

...AFTER A LONG WAIT...

Caused by: javax.mail.MessagingException: Could not connect to SMTP host: email-smtp.us-east-1.amazonaws.com, port: 10;
nested exception is:
java.net.ConnectException: Connection timed out

2 answers

1 accepted

0 votes
Answer accepted

After looking further into the issue I decided to give "-Djavax.net.ssl.trustStore=trustStore" a shot.

I pointed the trust store to my cacerts folder (that's where I had already imported my mail certificate), restarted crowd and was able to send mail without errors.

There error message was kind of pointing to this as the problem, though it wasn't clear to me that it wasn't already looking at the global cacerts.

0 votes

Unfortunately I'm not familiar with Amazon's SES offering; if you don't get any helpful responses here you may want to raise a support request for Crowd so our friendly support team can help you troubleshoot.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Statuspage

New feature: Slack notifications for Statuspage

We're excited to announce the release of a long-requested feature on Statuspage. Now visitors to your status page can subscribe to get notified in Slack when you report an incident or maintenance. Th...

81 views 0 9
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you