To be fair, I don't have enough time to read through 209 pages.
Could you please send email, find error in the log and paste it as text
into email?
Thanks in advance
On Thu, Jul 13, 2017 at 10:50 PM, Richard Pérez <traductorchi...@yahoo.co.uk
> wrote:
> Here I send attached as PDFs Openmeetings Log for July 12th and the tests
> I performed on that date.
> In each test I registered the exact moment I pressed the SEND email
> button. With that I expected to find the error easily in the Log (maybe
> it's a mistake, but what I have been doing is copy pasting the commands in
> the Red5 command window, but I suppose it's the same info but restricted by
> a certain amount of time). Sorry, but in some tests I forgot to register
> the precise time, but I have highlighted most, if not all, exceptions in
> the PDF.
>
>
> Richard Pérez-Mongard
>
>
>
>
> --------------------------------------------
> On Thu, 13/7/17, Maxim Solodovnik <solomax...@gmail.com> wrote:
>
> Subject: Re: help configuration smtp server
> To: "Openmeetings user-list" <user@openmeetings.apache.org>, "Richard
> Pérez" <traductorchi...@yahoo.co.uk>
> Date: Thursday, 13 July, 2017, 10:52
>
> Please
> provide related part of openmeetings.log?What the exact
> error are you receiving from java.mail?
> On Thu, Jul 13, 2017 at
> 9:37 PM, Richard Pérez <traductorchi...@yahoo.co.uk>
> wrote:
> Hello:
>
>
>
> I was "listening" in to this one because I'm
> suffering the same inability to send emails,
>
> I get the same error messages.
>
>
>
> I have tried with yahoo, Gmail, Hotmail and my website's
> email, with my Antivirus disconnected or not, with
> Chrome's "less secure" active or not, with
> 465, 443, 587, 80, enabled, not enabled, and nothing works
> with sending an invitation while in a room (haven't
> found yet any other way of sending an invitation).
>
>
>
> Could you please tell me what do you mean by:
>
>
>
> "Open OS and software firewall SMTP ports.
>
> Set hardware firewall policies NAT allow from your server to
> WAN."
>
>
>
>
>
> I looked for the Firewall settings:
>
> Firewall Settings > Apps allowed
>
> These are the ones not allowed that I feel might be
> related
>
> ----------------------
>
> Captura SNMP (SNMP capture?)
>
> Esta característica permite que este equipo pueda recibir
> el tráfico del Servicio de captura de SNMP.
>
>
>
> Enrutamiento y acceso remoto (Routing and remote
> access?)
>
> Esta característica se usa para permitir las conexiones VPN
> y RAS entrantes.
>
>
>
> Protocolo de túnel de sockets seguros (Secure Socket Tunnel
> Protocol)
>
> Esta característica se usa para permitir las conexiones VPN
> entrantes que usan el protocolo de túnel de sockets seguros
> (SSTP). (Usa HTTPS)
>
>
>
> Servicio iSCSI (ISCSI service?)
>
> Esta característica se usa para conectarse a servidores y
> dispositivos de destino iSCSI.
>
> ------------------------------ ---------
>
>
>
> I have also seen the advanced Firewall Settings ("Entry
> rules" and "Exit rules", I have a Spanish
> version of Windows 10), but I don’t know what/if I should
> change.
>
>
>
> I wanted to use Gmail as my option for sending emails.
> Excuse my ignorance, but should I get my own CA certificate
> or do I get it from Gmail. Do I have to do something to
> earn it?
>
> My website is HTTPS thanks to a SSL certificate delivered by
> CPanel (the free version). If I used my website's
> email as sender and system email (it would be the same email
> I signed up to OpenMeetings with) would this certificate be
> equivalent to the CA certificate you mention?
>
>
>
> I have been reading about some Certificate installing
> procedures but they seem outdated (jre 1.6)
>
> http://s-n-ushakov.blogspot.
> com/2013/11/yet-another-
> installcert-for-java-now.html
>
> https://javaee.github.io/
> javamail/InstallCert
>
>
>
> I haven't found a way to download or export the CPanel
> certificate (if I can) but have some details:
>
> Certificate ID:, Domains:, Key Size:, Expiration:, and the
> Issuer: cPanel, Inc., however I have noticed that
> CPanel is not among the trusted CAs (I understand it's a
> "Comodo" certificate.
>
>
>
> If I insist on Gmail can I use the CPanel one or would I
> have to buy a CA certificate? or would you suggest getting a
> free one if buying is not possible?
>
>
>
> Thanks,
>
>
>
>
>
>
>
>
>
> Richard Pérez-Mongard
>
>
>
>
>
> ------------------------------ --------------
>
> On Thu, 13/7/17, <maxime.gue...@bssp.fr>
> wrote:
>
>
>
> Subject: Re: help configuration smtp server
>
> To: user@openmeetings.apache.org
>
> Date: Thursday, 13 July, 2017, 9:07
>
>
>
>
>
> On 13.07.2017 02:58, Maxim Solodovnik wrote:
>
>
>
> Hello,
>
>
>
> This error "unable
>
> to find valid certification path to requested
>
> target" usually means certificate chin is not
>
> recognized to be secure
>
> I believe you need to import your CA certificate will
>
> all intermediate certificates to JRE
>
> (jre/lib/security/cacerts)
>
>
>
>
>
>
>
> On Thu, Jul 13, 2017
>
> at 1:43 AM, Coscend@OM <om.insig...@coscend.com>
>
> wrote:
>
>
>
> Hello
>
> Maxime,
>
>
>
> In the spirit of
>
> assisting you, here are a few vectors to resolve your
>
> issue:
>
> Issue: "unable
>
> to find valid certification path to requested target
>
> at com.sun.mail.smtp.
>
> SMTPTransport.startTLS"
>
>
>
> Suggestions:
>
> 1. OM
>
> configuration issue:
>
> Configure Admin ->
>
> Configuration
>
>
>
>
>
> Smtp_server: this is the smtp server to send
> messages.
>
> Smtp_port: this is the smtp server port
>
> normally 25 or 80, if using no SSL,
>
>
>
> otherwise 443 if using SSL encrypted e-mail.
>
> System_email_addr: all sent e-mails by the
>
> system including invitations
>
> will have this
>
> address:
>
> Email_username (System
>
> authentication email username): your e-mail's
>
> username: .... or on how your third party
>
> e-mail client is configured.
>
>
>
> Email_userpass: the password of your e-mail's
>
> username
>
> Mail.smtp.starttls.enable: 0 (if
>
> above 25 or 80) or 1 (if above is 443)
>
>
>
> Enable TLS 1=true, 0=false
>
>
>
>
>
> For example, in GMail,
>
>
>
> Smtp_server: smtp.gmail.com
>
> Smtp_port: Port 465 (SSL required)
>
> Port 587 (TLS required)
>
>
>
> 2. Additional: Firewall
>
>
>
> Open OS and software firewall SMTP ports.
>
>
>
> Set hardware firewall policies NAT allow from your server
> to
>
> WAN.
>
>
>
> Thank you.
>
>
>
> Sincerely,
>
>
>
>
>
> Hemant K. Sabat
>
>
>
> Coscend Communications Solutions
>
> www.Coscend.com
>
> ------------------------------
>
> ------------------------------ ------
>
>
>
> Real-time, Interactive Video Collaboration,
> Tele-healthcare,
>
> Tele-education,
>
> Telepresence Services, on
>
> the fly...
>
> ------------------------------
>
> ------------------------------ ------
>
>
>
> CONFIDENTIALITY NOTICE: See 'Confidentiality Notice
>
> Regarding E-mail
>
> Messages from Coscend
>
> Communications Solutions' posted at:
>
> http://www.Coscend.com/Terms_
>
> and_Conditions.html
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> -----Original Message-----
>
> From: maxime.gue...@bssp.fr
>
> [mailto:maxime.gue...@bssp.fr]
>
> Sent: Wednesday, July 12, 2017 12:29 PM
>
> To: user@openmeetings.apache.org
>
> Subject: help configuration smtp server
>
>
>
> Hello,
>
>
>
> We are installing a version of openmeetings
>
> (last stable) on a stretch
>
> Debian.
>
> Everything seems to work fine but we configured a smtp
>
> server with
>
> starttls port 587 from a
>
> functional mail server and we have a mail sending
>
> problem after creating a conference in the
>
> calendar.
>
> The "email Management"
>
> shows multiple errors as follows :
>
>
>
> Last Error
>
>
>
> javax.mail.MessagingException: Could not convert socket
> to
>
> TLS;
>
> nested exception is:
>
> javax.net.ssl.
>
> SSLHandshakeException:
>
>
>
> sun.security.validator. ValidatorException: PKIX path
>
> building failed:
>
> sun.security.provider.
>
> certpath. SunCertPathBuilderException: unable to find
>
> valid certification path to requested
>
> target
>
> at com.sun.mail.smtp.
>
> SMTPTransport.startTLS( SMTPTransport.java:2064)
>
> at
>
>
>
> com.sun.mail.smtp. SMTPTransport.protocolConnect(
>
> SMTPTransport.java:724)
>
> at
>
> javax.mail.Service.connect( Service.java:388)
>
> at javax.mail.Service.connect(
>
> Service.java:246)
>
> at
>
> javax.mail.Service.connect( Service.java:195)
>
> at javax.mail.Transport.send0(
>
> Transport.java:254)
>
> at
>
> javax.mail.Transport.send( Transport.java:124)
>
> at
>
>
>
> org.apache.openmeetings.core. mail.MailHandler$2.run(
>
> MailHandler.java:242)
>
> at
>
> java.util.concurrent.
>
> ThreadPoolExecutor.runWorker(
> ThreadPoolExecutor.java:11
>
> 42)
>
> at
>
> java.util.concurrent.
>
> ThreadPoolExecutor$Worker.run(
> ThreadPoolExecutor.java:6
>
> 17)
>
> at
>
> java.lang.Thread.run(Thread. java:748)
>
>
>
> Caused by: javax.net.ssl. SSLHandshakeException:
>
> sun.security.validator. ValidatorException:
>
> PKIX path building failed:
>
>
>
> sun.security.provider. certpath.
>
> SunCertPathBuilderException: unable to find
>
>
>
> valid certification path to requested target
>
> at sun.security.ssl.Alerts.
>
> getSSLException(Alerts.java: 192)
>
>
>
> at sun.security.ssl. SSLSocketImpl.fatal(
>
> SSLSocketImpl.java:1949)
>
> at
>
> sun.security.ssl.Handshaker.
> fatalSE(Handshaker.java:302)
>
> at sun.security.ssl.Handshaker.
>
> fatalSE(Handshaker.java:296)
>
>
>
> at
>
> sun.security.ssl. ClientHandshaker.
>
> serverCertificate( ClientHandshaker.java:15
>
>
>
> 14)
>
> at
>
>
>
> sun.security.ssl. ClientHandshaker. processMessage(
>
> ClientHandshaker.java:216)
>
> at
>
> sun.security.ssl.Handshaker.
> processLoop(Handshaker.java:
>
> 1026)
>
> at
>
> sun.security.ssl.Handshaker. process_record(Handshaker.
>
> java:961)
>
> at
>
>
>
> sun.security.ssl. SSLSocketImpl.readRecord(
>
> SSLSocketImpl.java:1062)
>
> at
>
> sun.security.ssl. SSLSocketImpl.
>
> performInitialHandshake( SSLSocketImpl.java:13
>
> 75)
>
> at
>
> sun.security.ssl.
>
> SSLSocketImpl.startHandshake( SSLSocketImpl.java:1403)
>
> at
>
>
>
> sun.security.ssl. SSLSocketImpl.startHandshake(
>
> SSLSocketImpl.java:1387)
>
> at
>
> com.sun.mail.util. SocketFetcher.
>
> configureSSLSocket( SocketFetcher.java:598)
>
>
>
> at com.sun.mail.util.
> SocketFetcher.startTLS(
>
> SocketFetcher.java:525)
>
> at
>
> com.sun.mail.smtp. SMTPTransport.startTLS(
>
> SMTPTransport.java:2059)
>
> ... 10
>
> more
>
> Caused by: sun.security.validator.
>
> ValidatorException: PKIX path building
>
>
>
> failed: sun.security.provider. certpath.
>
> SunCertPathBuilderException:
>
> unable to find
>
> valid certification path to requested target
>
> at
>
>
>
> sun.security.validator. PKIXValidator.doBuild(
>
> PKIXValidator.java:387)
>
> at
>
> sun.security.validator.
>
> PKIXValidator.engineValidate( PKIXValidator.java:292)
>
> at sun.security.validator.
>
> Validator.validate(Validator. java:260)
>
>
>
> at
>
> sun.security.ssl.
>
> X509TrustManagerImpl.validate(
>
> X509TrustManagerImpl.java:324
>
> )
>
> at
>
>
>
> sun.security.ssl. X509TrustManagerImpl. checkTrusted(
>
> X509TrustManagerImpl.java
>
> :229)
>
> at
>
>
>
> sun.security.ssl. X509TrustManagerImpl.
> checkServerTrusted(
>
> X509TrustManagerImp
>
> l.java:124)
>
> at
>
>
>
> sun.security.ssl. ClientHandshaker. serverCertificate(
>
> ClientHandshaker.java:14
>
> 96)
>
> ... 20 more
>
>
>
> Caused by: sun.security.provider. certpath.
>
> SunCertPathBuilderException:
>
> unable to find
>
> valid certification path to requested target
>
> at
>
>
>
> sun.security.provider. certpath.SunCertPathBuilder.
>
> build(SunCertPathBuilder.j
>
> ava:141)
>
> at
>
>
>
> sun.security.provider. certpath.SunCertPathBuilder.
>
> engineBuild(SunCertPathBui
>
>
>
> lder.java:126)
>
> at
>
> java.security.cert. CertPathBuilder.build(
>
> CertPathBuilder.java:280)
>
> at
>
> sun.security.validator. PKIXValidator.doBuild(
>
> PKIXValidator.java:382)
>
> ... 26
>
> more
>
>
>
> Could you help us on
>
> configuring mail server with openmeetings ?
>
>
>
>
>
> Thanks for your help.
>
>
>
> Best Regards.
>
>
>
> Maxime
>
>
>
>
>
>
>
>
>
> ---
>
> This email has been checked for viruses
>
> by AVG.
>
> http://www.avg.com
>
>
>
>
>
>
>
>
>
>
>
>
>
> --
>
>
>
> WBR
>
> Maxim aka solomax
>
>
>
>
>
> Hello,
>
>
>
> Thank you very
>
> much for your reply and your useful help, importing the
>
> certificate made it functional. It works fine now.
>
>
>
> Best regards.
>
>
>
> Maxime
>
>
>
>
>
>
>
>
> --
> WBR
> Maxim aka solomax
--
WBR
Maxim aka solomax
