Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Symptoms

  • The SMTP server that is configured in DPOD System Parameters uses STARTTLS to secure the SMTP connection.

  • Attempting to send emails from DPOD (e.g. sharing a page, sending reports, sending alerts etc.) fails.

  • DPOD servers report the following error message:

    Code Block
    javax.mail.MessagingException: java.net.SocketException: Socket closed

Cause

  • In order to secure the connection, DPOD needs to trust the SMTP server certificate.

  • In case the certificate or its CA (and entire trust chain) does not exist in the Java truststore, the connection will fail.

Resolution

  • Save the public certificate of the SMTP server, or its CA and entire trust chain, as a PEM textual file (you can concatenate several certificates within this PEM file).
    Tip: You can use the following command to connect to the SMTP server from DPOD server and display the certificates:

    Code Block
    languagebash
    themeRDark
    openssl s_client -starttls smtp -connect <SMTP Server Host>:<SMTP Server Port> -crlf -ign_eof

  • To import the certificates to the Java truststore, execute the following command:

    Code Block
    languagebashthemeRDark
    /app/java/bin/keytool -import -trustcacerts -cacerts -storepass changeit -file <PEM File> -noprompt

  • Restart all DPOD services to reload the truststore.