This is a guess but I bet the private key is not in the keystore. Did you generate the cert request using keytool? If not, you will need to generate pfx file with the public and private key in it, then transform the pfx file into the keystore format, specifying that keystore as the store for James. That should do it.
Here is a discussion on Stack Overflow about the transform process. http://stackoverflow.com/questions/4217107/how-to-convert-pfx-file-to-keystore-with-private-key On Tue, Oct 15, 2013 at 4:06 PM, Jan Drake <jan.s.dr...@gmail.com> wrote: > Not sure if I should expect to get posts that I send to this list returned > to me by the list? It seems to filter them out so I can't be sure they > made the list. > > Anyway, original message below, with some additional information from the > smtpserver log: > > 5/10/13 21:55:04 INFO smtpserver: Connection from > ip-10-144-83-143.ec2.internal (10.144.83.143) > 15/10/13 22:05:04 ERROR smtpserver: Socket to ip-10-144-83-143.ec2.internal > (10.144.83.143) timeout. > java.net.SocketTimeoutException: Read timed out > at java.net.SocketInputStream.socketRead0(Native Method) > at java.net.SocketInputStream.read(SocketInputStream.java:152) > at java.net.SocketInputStream.read(SocketInputStream.java:122) > at sun.security.ssl.InputRecord.readFully(InputRecord.java:442) > at sun.security.ssl.InputRecord.read(InputRecord.java:480) > at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927) > at > > sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) > at > sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:882) > at sun.security.ssl.AppInputStream.read(AppInputStream.java:102) > at java.io.BufferedInputStream.fill(BufferedInputStream.java:235) > at java.io.BufferedInputStream.read(BufferedInputStream.java:254) > at > > org.apache.james.util.CRLFTerminatedReader.read(CRLFTerminatedReader.java:153) > at > > org.apache.james.util.CRLFTerminatedReader.readLine(CRLFTerminatedReader.java:113) > at > > org.apache.james.smtpserver.SMTPHandler.readCommandLine(SMTPHandler.java:751) > at > > org.apache.james.smtpserver.SMTPHandler.handleConnection(SMTPHandler.java:372) > at > > org.apache.james.util.connection.ServerConnection$ClientConnectionRunner.run(ServerConnection.java:432) > at > > org.apache.excalibur.thread.impl.ExecutableRunnable.execute(ExecutableRunnable.java:55) > at > org.apache.excalibur.thread.impl.WorkerThread.run(WorkerThread.java:116) > > > Additionally... the exchange server attempting to connect is showing no > errors in the protocol log just continuous attempts to connect. > > Any thoughts? > > Jan > > ---------- Forwarded message ---------- > From: Jan Drake <jan.s.dr...@gmail.com> > Date: Tue, Oct 15, 2013 at 8:17 AM > Subject: James 2.3 - TLS Connection Problem/Questions > To: James Users List <server-user@james.apache.org> > > > After following the instructions I could find on generating a key and > configuring TLS/SSL for SMTP in James 2.3, I encountered no configuration > errors in logs; however, every time I try to connect to the port securely > the connection hangs and, eventually, the server log shows an error and > claims connection termination from the client. I'm wondering if I've > missed something. Firewalls are totally open... the connection establishes > but hangs. > > And, the other question I have is... given a CSR for a cert for a domain, > in this case wildcard, what's the best type of cert to request for use with > James 2.3? > > Apache2 > Apache+OpenSSL > Apache+ApacheSSL > ... or? > > Thanks, > > > Jan >
