Hello Mike, this doesn't look like an TLS-based error to me because the connection gets established and you can get somd commands to work. If this issue would be related to anything on the secure layer most likely the connection wouldn't established at all. Did you already tried if it works without TLS? If so, you could enable debug on server side to see where starts to fail.
Also: side-note about socketTLS vs startTLS: When using socketTLS the connection is encrypted from the beginning, you have a secure tunnel through wich unencrypted data flows protected by the encryption of this tunnel. When using startTLS you start the connection as an unencrypted plain one, so the channel you're using itself is not secured. By sending starttls command basicly you say:"hey, let's speak nonesense from now on" and then encrypted data runs across the unsecure channel. In real the difference is a bit more complicated and the result is pretty much the same, but maybe this helps to understand what both of these are. So you only use one of them - that's why you getting a 500 - tls already active on your second try. greetings Matt ---- Mike Lepore schrieb ---- >I can't seem to get james3 to work with smtpserver for socketTLS on port >465. > >when I execute this command it just seems to hang at the end and not >complete the send. any ideas? Am I not running the send command >properly? I have smtpserver.xml configured for socketTLS. > > <bind>0.0.0.0:465</bind> >... > > <tls socketTLS="true" startTLS="false"> > <keystore>...ks file...</keystore> > <secret>...pw...</secret> > ><provider>org.bouncycastle.jce.provider.BouncyCastleProvider</provider> > <!-- The algorithm is optional and only needs to be specified >when using something other > than the Sun JCE provider - You could use IbmX509 with IBM Java >runtime. --> > <!--algorithm>SunX509</algorithm--> > </tls> > ># this from the smtpserver.log: > >INFO 14:13:44,677 | james.smtpserver | Id='-927469453' User='' >Connection established from 127.0.0.1 > > > ># command... > >/usr/bin/openssl s_client -quiet -connect localhost:465 >depth=0 CN = mail.lepore.org >verify error:num=18:self signed certificate >verify return:1 >depth=0 CN = mail.lepore.org >verify return:1 >220 lic4u JAMES SMTP Server Server (JAMES SMTP Server ) ready >EHLO localhost >250-lic4u Hello localhost [127.0.0.1]) >250-PIPELINING >250-ENHANCEDSTATUSCODES >250 8BITMIME >mail from:<ad...@lepore.org> >250 2.1.0 Sender <ad...@lepore.org> OK >rcpt to:<ad...@lepore.org> >250 2.1.5 Recipient <ad...@lepore.org> OK >data >354 Ok Send data ending with <CRLF>.<CRLF> >subject: this is a test on 2017-09-01 at 2:30pm > >test body > >. > > >---------- > >#tried using startTLS (didn't work either) > >/usr/bin/openssl s_client -quiet -connect localhost:465 >depth=0 CN = mail.lepore.org >verify error:num=18:self signed certificate >verify return:1 >depth=0 CN = mail.lepore.org >verify return:1 >220 lic4u JAMES SMTP Server Server (JAMES SMTP Server ) ready >EHLO localhost >250-lic4u Hello localhost [127.0.0.1]) >250-PIPELINING >250-ENHANCEDSTATUSCODES >250 8BITMIME >STARTTLS >500 5.5.1 TLS already active RFC2487 5.2 >mail from:<ad...@lepore.org> >250 2.1.0 Sender <ad...@lepore.org> OK >rcpt to:<ad...@lepore.org> >250 2.1.5 Recipient <ad...@lepore.org> OK >data >354 Ok Send data ending with <CRLF>.<CRLF> >subject: test from lic4u apache-james on 2017-09-01 at 2:17pm > >test body >. > > > >-- > >thanks, >Michael Lepore >michael.lepore.w...@gmail.com >
