Environment
Vibe 4.0.3
Situation
2019-05-29 03:41:56,022 ERROR [Sitescape_Worker-15] [org.kablink.teaming.module.mail.impl.MailModuleImpl] - EXCEPTION: Could not fill e-mail subscriptions: Mail server connection failed; nested exception is javax.mail.MessagingException: Could not convert socket to TLS;
nested exception is:
javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Resolution
-
Make sure the gwia smtp service is set to ssl enabled or required
-
GWIA | Agent Settings | SMTP
-
-
Copy the CA cert over to the vibe server
-
Open a terminal to the GWIA server and run the following commands:
-
cd /opt/novell/groupwise/certificates/(current cert directory will be a long directory name of alpha-numeric value)
-
scp ca.crt <ip or hostname of vibe server>:/(choose a directory to store certificates)/
-
-
Convert the cert to .der format
-
Open a terminal to the vibe server and do the following:
-
Change to the directory where the CA cert was just copied to.
-
openssl x509 -in ca.crt -outform der -out cacert.der
-
ca.crt is the CA cert, cacert.der will be the .der encoded certificate
-
-
-
Import the CA cert to the Vibe cacert using the keytool
-
Change to /opt/novell/teaming/jre/bin/
-
./keytool -import -alias ca_cert -file /root/rootCert/cacert.der -cacerts
-
ca_cert can be anything, it's an alias
-
/root/rootCert/cacert.der is the path to the .der encoded cert that was just created
-
- Enter the password to the Vibe keystore file. It might be:
changeit
-
Trust the certificate by typing "yes" and pressing "Enter"
-
-
Enable TLS for outbound email
-
https://www.novell.com/documentation/vibe4/vibe4_admin/data/bzmeoab.html
-
Follow this document's steps 2 - 6
-
To restart vibe run: systemctl restart vibe.service
-