Could not convert socket to TLS - Unable to send mail via IDM policy

  • 7023302
  • 24-Aug-2018
  • 27-Aug-2018

Environment

Identity Manager 4.7 (Engine)

Situation

After upgrading Identity Manager engine to version 4.7, send mail from the driver policies experience
 Message:  Code(-9195) Error in vnd.nds.stream:<driver path> : Couldn't send email: javax.mail.MessagingException: Could not convert socket to TLS;

Resolution

1. Export the certificate from Exchange server(https://technet.microsoft.com/en-us/library/bb310778(v=exchg.160).aspx)
2. Import into /opt/netiq/common/jre/lib/security/cacerts
    (/opt/netiq/common/jre/bin/keytool -import -alias <alias-name> -file <exported-cert.cer> -keystore /opt/netiq/common/jre/lib/security/cacerts)
3. Restart eDirectory

Cause

In IDM 4.7, the engine determines if the mail server supports a secure port. If one is determined, then the engine defaults to using secure port automatically to ensure securing communication between the engine (client) and the mail server(server) as security measure.