I'm trying to configure Crowd for outbound mail (AWS SES, email-smtp.us-east-1.amazonaws.com which is available through ports 25, 465 or 587).
I configured SMTP with login credentials (via Crowd console).
I verified connectivity and authentication at the command line, via "openssl s_client -crlf -quiet -starttls smtp -connect email-smtp.us-east-1.amazonaws.com:587".
I cannot send mail. Here are the errors in Crowd when I try ...
With port 587 configured:
Unrecognized SSL message, plaintext connection?
With port 465 configured:
unable to find valid certification path to requested target
After reading up online I tried importing the certificate via "keytool -import", which I verified via "openssl x509 -fingerprint" and "keytool -list -keystore". It all looks good however I'm still getting the unable to find valid certificate file error.
In an effort to make sure this isn't a configuration issue or connectivity issue here are some further tests...
Port 25 (Use SSL NOT selected):
Could not send email to email@mail.com. Reason:220 Ready to start TLS
Port 25 (Use SSL selected):
Caused by: javax.mail.MessagingException: Could not connect to SMTP host: email-smtp.us-east-1.amazonaws.com, port: 25;
nested exception is:
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
Port 10 (Use SSL selected):
...AFTER A LONG WAIT...
Caused by: javax.mail.MessagingException: Could not connect to SMTP host: email-smtp.us-east-1.amazonaws.com, port: 10;
nested exception is:
java.net.ConnectException: Connection timed out
After looking further into the issue I decided to give "-Djavax.net.ssl.trustStore=trustStore" a shot.
I pointed the trust store to my cacerts folder (that's where I had already imported my mail certificate), restarted crowd and was able to send mail without errors.
There error message was kind of pointing to this as the problem, though it wasn't clear to me that it wasn't already looking at the global cacerts.
Unfortunately I'm not familiar with Amazon's SES offering; if you don't get any helpful responses here you may want to raise a support request for Crowd so our friendly support team can help you troubleshoot.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.