You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@nifi.apache.org by Luis Carmona <lc...@openpartner.cl> on 2020/05/06 03:42:06 UTC
ConsumeIMAP certificates issue
Hi guys,
I have a project that needs to receive the mails flow from an Imap
server.
If I try to read from port 993, get the error:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
If I try to read from port 143, get the error:
Unrecognized SSL message, plaintext connection
As my mail server accepts only secure login, I presume it is claiming
about the corresponding certificate.
The question is how to configure from where it has to read the
certificate ?
Thanks in advance.
Regards,
LC
Re: ConsumeIMAP certificates issue
Posted by Andy LoPresto <al...@apache.org>.
Since the ConsumeIMAP processor does not expose an SSLContextService controller service to allow you to configure a custom truststore, it looks like the certificate verification is done internally in the underlying Spring library. I would try adding the public certificate of the IMAP server to the following truststores, one at a time, in this order:
1. JRE cacerts (copy the actual cacerts and ensure you have a backup before you start modifying it)
2. The NiFi truststore configured in nifi.properties
Andy LoPresto
alopresto@apache.org
alopresto.apache@gmail.com
He/Him
PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4 BACE 3C6E F65B 2F7D EF69
> On May 5, 2020, at 8:42 PM, Luis Carmona <lc...@openpartner.cl> wrote:
>
> Hi guys,
>
> I have a project that needs to receive the mails flow from an Imap
> server.
>
> If I try to read from port 993, get the error:
>
> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> find valid certification path to requested target
>
> If I try to read from port 143, get the error:
>
> Unrecognized SSL message, plaintext connection
>
>
>
> As my mail server accepts only secure login, I presume it is claiming
> about the corresponding certificate.
>
> The question is how to configure from where it has to read the
> certificate ?
>
>
> Thanks in advance.
>
> Regards,
>
> LC
>
>
>
>