I know this question is already answered, but I couldn't solve it for myself.
How can I configure email for emm?
Here is my config in general setting :
Host: smtp.gmail.com
Port: 25 (also I check it using 587)
Username: myusername#gmail.com
password: my email pass
Sender email address: myusername#gmail.com
Email template: You have been registered to the to EMM. Below is the link to enroll.
but no invitation email sent to users.
first I try sending invitation email to already registered user.
then I check adding new user and send invitation to him.
here is the log for port 25, here is the log for port 587, here is the log for new user with port 25 and here for port 587.
Also I turn off my firewall and try again but no invitation email sent to users.
More info:
server : windows 7 (wso2 v : 1.1.0) - localhost, database : mysql
I have done these configuration using tenant which I have created.
for solving the problem I change the emm\modules\user.js :
line 186: if(username.indexOf("#")<1) to if(username.toString().indexOf("#")<1)
and add yahoo certificate to the keystores (wso2carbon.jks, emm_truststore.jks and wso2emm.jks.)
to get yahoo certificate I run this :
openssl s_client -connect smtp.mail.yahoo.com:587 -starttls smtp
and save the Server certificate as yahoocertificate.cer.
and to add it to keystores I run this:
keytool -import -alias smtp.mail.yahoo.com -file yahoocertificate.cer -keystore "D:\EMM\Carbone_Home\repository\resources\security\wso2carbon.jks"
keytool -import -alias smtp.mail.yahoo.com -file yahoocertificate.cer -keystore "D:\EMM\Carbone_Home\repository\resources\security\emm_truststore.jks"
keytool -import -alias smtp.mail.yahoo.com -file yahoocertificate.cer -keystore "D:\EMM\Carbone_Home\repository\resources\security\wso2emm.jks"
Also I check it with gmail smtp server port 587.
Error shows that there's a connection timeout. Gmail SMTP might be blocking your authentication request. Usually it throttles 3rd party client requests unless you disable security from your mail account settings.
Thanks
Related
I'm running a stand-alone instance of Wiremock for mocking in JUnit tests. This works fine with http and if I use the wiremock self-signed cert with the switch --https-port 8443. If I specify --https-keystore server_keystore.jks however, any attempt to communicate with Wiremock e.g WireMock.reset(); throws a javax.net.ssl.SSLHandshakeException: Remote host terminated the handshake. Connecting to the admin page https://localhost:9093/__admin/ in a browser shows a similar error about the connection being closed.
The keystore was generated as follows;
keytool -genkey -keyalg RSA -keysize 2048 -alias server -keypass secret -storepass secret -keystore server_keystore.jks
If I enable logging for all traffic in Wiremock I see;
Problem decoding network traffic
java.nio.charset.MalformedInputException: Input length = 1
I've added System.setProperty("javax.net.ssl.trustStore", "server_keystore.jks"); in my calling code prior to attempting to communicate with Wiremock with no success.
Since you've set a password on your keystore you'll need to provide this to WireMock via the --keystore-password parameter.
I can't seem to get outbound email working from my SugarCRM installation, with only the message SMTP connect() failed appearing in the logs.
I've set my smtp server to smtp.gmail.com, email address, password, TLS, port 587. When I go to 'Send Test Email' I get the error.
I've set my local hostname, installed openssl, set the host_name in config.php and included it as a referrer in config_override.php. I've also tried setting SMPTDebug to 2 in SugarPHPMail.php but that seemed to have no effect.
When I run openssl s_client -starttls smtp -crlf -connect smtp.gmail.com:587 the output includes Verify return code: 0 (ok) and I don't know where to go from here. I can connect via telnet to that host & port and get a 220 SMTP message back as expected.
I do also have an exchange server available, but haven't been able to get that one working either, and thought Gmail would be more easily-solved.
I'm on Sugar 6.5.26 hosted on Linux (Debian, Raspbian).
Ok I found the solution while looking for the 'Allow less secure apps' setting in Gmail.
I have two-step authentication switched on in my Gmail account, which will obviously complicate things but had slipped my mind. Therefore I needed to use an app-specific password, and not my normal Gmail password.
As soon as I created an app-specific password in Google (at https://myaccount.google.com/apppasswords) and plugged that into the SugarCRM settings, it worked fine. D'oh!
Hey guys im trying to send and email using the command prompt.
Im using this command to contact gmail's server:
openssl s_client -starttls smtp -connect smtp.gmail.com:587 -crlf -ign_eof
Then i continue with contacting the server as shown in the picture.
The server allows me to enter the DATA but not to put . to end it.
If someone can help me fix this i will really appreciate it.
I blanked stuff to protect my privacy / account
i try to run one system test on Weblogic 10 with HTTPS basic server authentication but i recieve this exception:
com.sun.jersey.api.client.ClientHandlerException: javax.net.ssl.SSLKeyException: [Security:090542]Certificate chain received from myserver - 141.73.205.173 was not trusted causing SSL handshake failure. Check the certificate chain to determine if it should be trusted or not. If it should be trusted, then update the client trusted CA configuration to trust the CA certificate that signed the peer certificate chain. If you are connecting to a WLS server that is using demo certificates (the default WLS server behavior), and you want this client to trust demo certificates, then specify -Dweblogic.security.TrustKeyStore=DemoTrust on the command line for this client.
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:149)
at com.sun.jersey.api.client.filter.HTTPBasicAuthFilter.handle(HTTPBasicAuthFilter.java:81)
at com.sun.jersey.api.client.Client.handle(Client.java:648)
.............................................
My authentication method is :
public static WebResource createWebResource(String path) throws IOException, NoSuchAlgorithmException, Exception {
ClientConfig config = new DefaultClientConfig();
Client client = Client.create(config);
HTTPBasicAuthFilter authFilter = new HTTPBasicAuthFilter("REST_USER", "Supervisor");
client.addFilter(authFilter);
String serverUrl = findServerUrlFromJNDIProps();
return client.resource("https://myserver:8012/ERSrestServices/" + path);
}
Where is my mistake ?
The SSL certificate is not trusted by java so it is rejecting your attempt to access the server over https.
If this is a test server with a self-signed certificate, this would make sense. If it is not self-signed, then the CA is not trusted by your java install.
As per the exception:
If you are connecting to a WLS server that is using demo certificates (the default WLS server behavior), and you want this client to trust demo certificates, then specify
-Dweblogic.security.TrustKeyStore=DemoTrust on the command line for this client.
So, -Dweblogic.security.TrustKeyStore=DemoTrust should solve your problem.
Alternatively you can add your webserver's SSL certificate to your client's java certificate store:
keytool -importcert -file certificate.cer -keystore cacerts -alias "Your Alias"
Where keytool can be found at ${jdk_home}/bin and the cacerts file at ${jdk_home}/jre/lib/security
I've godaddy's 2048bit certificate for domain and 4 subdomains.
[www.site.com, mail.site.com, e.t.c.]
Standard Multiple Domain (UCC) SSL Up to 5 Domains - 1 year (annual)
That certificate works fine in Apache, ssl web checker says OK and browser shows green line in address string.
I've added this certificate to mail daemon, it has been accepted by Exim too.
When some client tries to send mail with SSL/TLS connection through mail server, mail program says "Certificate is BAD" though shows correct trusted info.
Client connects to hostname: mail.server.com, server's hostname is: ns1.server.com (not added to certificate), mail server says: 220 ns1.site.com ESMTP Exim 4.73
Mail clients tested: iPAD mail client, Mozilla Thunderbird, Mac mail client
Please help.
UPDATE:
Godaddy's ssl checker says: SSL Chain of Trust is Broken!
Here are a couple of things to check:
Is the hostname that the mail client uses in the TCP connect, listed in the server certificate as the Common Name (CN) of the subject distinguished name?
If not, is it listed using type "DNS:" in the Subject Alternative Name X509 v3 certificate extension?
If neither of the above, you might be getting "Remote Certificate Name Mismatch" (or similarly named error.)
If it is listed, then look for the Issuer of the certificate, and Issuer of the Issuer, etc., all the way to the root certificate of the chain. The root certificate should be installed on the client machine, in the "Trusted Root" certificate store for whatever client you are using (Windows, Mozilla, Java keystore, etc.)
If the root certificate is installed, then look at the intermediate certificates, if there are any in the chain (between root and server certificates). They have to either be installed locally, or arrive from the server alongside the server certificate -- either the server sends them each time or you've got the intermediate certificates already installed on the client end. Either way, they have got to be in hand to accept the server certificate.
Do the clients which reject the certificate have the appropriate root certificates in their cert store?