You are viewing a plain text version of this content. The canonical link for it is here.

Posted to server-dev@james.apache.org by "Benoit Tellier (Jira)" <se...@james.apache.org> on 2021/09/04 04:29:00 UTC

[jira] [Commented] (JAMES-2631) TLS 1.2 problems with Certificate Request

    [ https://issues.apache.org/jira/browse/JAMES-2631?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17409794#comment-17409794 ] 

Benoit Tellier commented on JAMES-2631:
---------------------------------------

Recent work led me to discover one can specify the trust store for javax.mail (and thus remoteDelivery) using:

{code:java}
-Djavax.net.ssl.trustStore=/root/conf/keystore
{code}

This should allow solving your issue.

Reopen if it is not the case.

Also I encourage you migrating to recent James versions.

Regards,

Benoit


> TLS 1.2 problems with Certificate Request
> -----------------------------------------
>
>                 Key: JAMES-2631
>                 URL: https://issues.apache.org/jira/browse/JAMES-2631
>             Project: James Server
>          Issue Type: Bug
>    Affects Versions: 3.0.1
>            Reporter: Arnau Rebassa
>            Priority: Major
>         Attachments: james_response.png, server_request.png
>
>
> We are using james 3.0.1 configured to use TLS in remote deliveries. The sending of emails over TLS is working fine but we have problems sending emails to a particular server which performs a "Certificate Request". When this happens, in a tcpdump capture I can see that, James returns an error Alert (Level: Fatal, Description: Certificate Unknown).
>  
> The certificate used by the remote server is issued by a well know CA. In the picture server_request.png you can see as the remote server requests a "Certificate request" to the client (in this case to James).
>  
> In the file james_reponse.png you can see how James sends a Fatal alert.
>  
> I have been looking into the documentation but I haven't found the way to specify a keystore in the mailetcontainer.xml. Is this possible? Anyone knows how to fix this?
>  
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org