Error in sending email : [WATCHER]

aviral_srivastava · April 28, 2016, 2:26pm

"actions": [
{
"id": "email_admin",
"type": "email",
"status": "failure",
"reason": "MessagingException[failed to send email with subject [Watcher Executed] via account [S-IWEBTRANSLATORTO]]; nested: MessagingException[Could not convert socket to TLS]; nested: SSLHandshakeException[sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]; nested: ValidatorException[PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]; nested: SunCertPathBuilderException[unable to find valid certification path to requested target]; "
}
]
Can anybody help

spinscale · April 28, 2016, 3:07pm

Hey,

there seems to be an issue connecting via TLS to the SMTP server.

The SunCertPathBuilderException above indicates that a certificate was returned during the handshake that is not trusted. This message is seen on the client side of the connection. The SSLException above is seen on the server side of the connection.

You need to configure https://javamail.java.net/nonav/docs/api/com/sun/mail/smtp/package-summary.html - which can be configured in watcher email settings

Hope this helps

--Alex

aviral_srivastava · April 29, 2016, 8:13am

Hi spinscale,
thanks for your response.
MY WATCHER CONFIGURATION IS THIS:-
{
"trigger" : {
"schedule" : { "interval" : "10s" }
},
"input" : {
"search" : {
"request" : {
"indices" : [ "smartlog" ],
"body" : {
"query" : {
"match" : { "logLevel": "ERROR" }
}
}
}
}
},
"condition" : {
"compare" : {
"ctx.payload.hits.total" : { "gt" : 50 }
}
},
"actions" : {
"email_admin" : {
"email": {
"to": "aviral.srivastava@company.com",
"subject": "Watcher Executed",
"body": "Congrats, you have successfully configured watcher to send email"
}
}
}
}
MY elasticsearch.yml CONFIGURATION :-
watcher.actions.email.service.account:
exchange_account:
profile: outlook
email_defaults:
from: webtranslatortool.in@company.com
smtp:
auth: true
starttls.enable: true
host: ismtp.corp.company.com
port: 25
user: abcde
password: abcde
ssl.trust: ismtp.corp.company.com
IN MY WATCHER HISTORY I GET BELOW ERROR :-
"actions": [
{
"id": "email_admin",
"type": "email",
"status": "failure",
"reason": "MessagingException[failed to send email with subject [Watcher Executed] via account [exchange_account]]; nested: AuthenticationFailedException[No authentication mechanisms supported by both server and client]; "
}
]

spinscale · April 29, 2016, 11:24am

Hey,

your second exception is different than the first. See the watch history

No authentication mechanisms supported by both server and client

This means that the server and the client could not negotiate an auth mechanism. What kind of server is that? Maybe there is a mail server configuration error, that it does not support user based auth?

Checking the log files of your mail server might help a lot here.

--Alex

aviral_srivastava · April 29, 2016, 1:36pm

Dear Alex,

We are in a corporate environment. There is a corporate exchange server.
So, I do not have access to the server logs here.

I tried to connect to our corporate exchange server using TELNET from my system.
I was able to connect. and also send email from webtranslatortool.in@company.com to aviral.srivastava@company.com ..
NOTE:- These are the same emails as I specified in the elasticsearch.yml and watcher configuration.

It seems I have issue in the elasticsearch.yml configuration.

spinscale · April 29, 2016, 1:59pm

Hey,

please google for that particular error message. Looks to me as if smtp auth is not supported by exchange out of the box and requires configuration. Can you tell me how your current authentication works with your exchange server, so one can see if java mail supports it?

Also setting up a small java program usign javamail would allow to rule out java as a problem source.

--Alex

aviral_srivastava · April 29, 2016, 2:29pm

Thanks Alex for your suggestion,

I wrote a smail java program using javamail and I was able to send email.
package com.mail;

import java.util.;
import javax.mail.;
import javax.mail.internet.;
import javax.activation.;

public class SendEmail
{
public static void main(String [] args)
{
// Recipient's email ID needs to be mentioned.
String to = "aviral.srivastava@company.com";

  // Sender's email ID needs to be mentioned
  String from = "webtranslatortool.in@company.com";

  // Assuming you are sending email from localhost
  String host = "ismtp.corp.company.com";

  // Get system properties
  Properties properties = System.getProperties();

  // Setup mail server
  properties.setProperty("mail.smtp.host", host);

  // Get the default Session object.
  Session session = Session.getDefaultInstance(properties);

  try{
     // Create a default MimeMessage object.
     MimeMessage message = new MimeMessage(session);

     // Set From: header field of the header.
     message.setFrom(new InternetAddress(from));

     // Set To: header field of the header.
     message.addRecipient(Message.RecipientType.TO, new InternetAddress(to));

     // Set Subject: header field
     message.setSubject("This is the Subject Line!");

     // Now set the actual message
     message.setText("This is actual message");

     // Send message
     Transport.send(message);
     System.out.println("Sent message successfully....");
  }catch (MessagingException mex) {
     mex.printStackTrace();
  }

}
}

It seems authentication is not required and can you help me what should i configure in elastisearch.yml file

spinscale · April 29, 2016, 3:08pm

recheck and adapt your watcher configuration, it is vastly different using SMTP auth and TLS, you should remove those settings.