Cannot send e-mail with TLS (STARTTLS)
Hi,
I have a problem where i cant send an e-mail, with my gmail it was easy everything worked, but now in the envirement i need to use my process it doesnt work.
The only difference is the SSL and STARTTLS, the smtp server im trying to connect to uses TLS. After starting the process i get this error:
2020-12-09 10:49:17.769 +0000 SEVERE: org.bonitasoft.engine.execution.work.InSessionBonitaWork THREAD_ID=182 | HOSTNAME=aac626de7ff3 | TENANT_ID=1 | org.bonitasoft.engine.commons.exceptions.SBonitaRuntimeException : "org.bonitasoft.engine.connector.exception.SConnectorException: org.bonitasoft.engine.connector.ConnectorException: javax.mail.MessagingException: Could not convert socket to TLS;
nested exception is:
javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"
org.bonitasoft.engine.commons.exceptions.SBonitaRuntimeException: org.bonitasoft.engine.connector.exception.SConnectorException: org.bonitasoft.engine.connector.ConnectorException: javax.mail.MessagingException: Could not convert socket to TLS;
nested exception is:
javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.bonitasoft.engine.connector.impl.ConnectorExecutorImpl.lambda$execute$0(ConnectorExecutorImpl.java:135)
at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1700)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: org.bonitasoft.engine.connector.exception.SConnectorException: org.bonitasoft.engine.connector.ConnectorException: javax.mail.MessagingException: Could not convert socket to TLS;
nested exception is:
javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.bonitasoft.engine.core.connector.impl.SConnectorAdapter.execute(SConnectorAdapter.java:75)
at org.bonitasoft.engine.connector.impl.ConnectorExecutorImpl$ExecuteConnectorCallable.call(ConnectorExecutorImpl.java:246)
at org.bonitasoft.engine.connector.impl.ConnectorExecutorImpl$ExecuteConnectorCallable.call(ConnectorExecutorImpl.java:206)
at org.bonitasoft.engine.connector.impl.ConnectorExecutorImpl.lambda$wrapForStats$1(ConnectorExecutorImpl.java:145)
at org.bonitasoft.engine.connector.impl.ConnectorExecutorImpl.lambda$execute$0(ConnectorExecutorImpl.java:132)
... 4 more
Caused by: org.bonitasoft.engine.connector.ConnectorException: javax.mail.MessagingException: Could not convert socket to TLS;
nested exception is:
javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.bonitasoft.connectors.email.EmailConnector.executeBusinessLogic(EmailConnector.java:475)
at org.bonitasoft.engine.connector.AbstractConnector.execute(AbstractConnector.java:77)
at org.bonitasoft.engine.core.connector.impl.SConnectorAdapter.execute(SConnectorAdapter.java:73)
... 8 more
Caused by: javax.mail.MessagingException: Could not convert socket to TLS;
nested exception is:
javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.mail.smtp.SMTPTransport.startTLS(SMTPTransport.java:1907)
at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:666)
at javax.mail.Service.connect(Service.java:317)
at javax.mail.Service.connect(Service.java:176)
at javax.mail.Service.connect(Service.java:125)
at javax.mail.Transport.send0(Transport.java:194)
at javax.mail.Transport.send(Transport.java:124)
at org.bonitasoft.connectors.email.EmailConnector.executeBusinessLogic(EmailConnector.java:473)
... 10 more
Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:320)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:263)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:258)
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:641)
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:460)
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(CertificateMessage.java:360)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:421)
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:177)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1152)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1063)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
at com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:549)
at com.sun.mail.util.SocketFetcher.startTLS(SocketFetcher.java:486)
at com.sun.mail.smtp.SMTPTransport.startTLS(SMTPTransport.java:1902)
... 17 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)
at java.base/sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:290)
at java.base/sun.security.validator.Validator.validate(Validator.java:264)
at java.base/sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:313)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:222)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:129)
at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:625)
... 30 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.base/java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297)
at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
... 36 more
I read that there is a workaround by setting the SMTP server trusted (in a java app), but i dont know how to do that in Bonita. How could i make this work?
Update #1: Okay i figured out after reading documentations and stuff that the connector has a parameter like this:
public static final String TRUST_CERTIFICATE = "trustCertificate";
But in the studio i cant see this parameter, and possibly this will be null, but what i need is to set this value to true. I opened my process file, and can see all the other parameters exept this.
So i update my question, why is this parameter left out from the email connector form? And how can i set its value?
Comments
Thank you, it worked, one last question, right now the sender of the messageis is the email address, where can i set the sender name? For example im sending from some@mail.com, and this is diplayed as sender, but i want to display MR SENDER GMBH. Can this be done? I tried to insert some name in the from* parameter, but it didnt work.
Did you try the following format:
Joe Smith <joe@acme.com>in theFrominput ?Thank you for the advice, i tried it, but this is the result:
2020-12-16 10:42:40.001 +0100 SEVERE: org.bonitasoft.engine.execution.work.InSessionBonitaWork THREAD_ID=155 | HOSTNAME=DESKTOP-6316QSC | TENANT_ID=1 | org.bonitasoft.engine.commons.exceptions.SBonitaRuntimeException : "org.bonitasoft.engine.connector.exception.SConnectorException: org.bonitasoft.engine.connector.ConnectorException: com.sun.mail.smtp.SMTPSendFailedException: 555 5.5.2 Syntax error. j23sm7235816edv.45 - gsmtp
"
org.bonitasoft.engine.commons.exceptions.SBonitaRuntimeException: org.bonitasoft.engine.connector.exception.SConnectorException: org.bonitasoft.engine.connector.ConnectorException: com.sun.mail.smtp.SMTPSendFailedException: 555 5.5.2 Syntax error. j23sm7235816edv.45 - gsmtp
at org.bonitasoft.engine.connector.impl.ConnectorExecutorImpl.lambda$execute$0(ConnectorExecutorImpl.java:135)
at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)
Caused by: org.bonitasoft.engine.connector.exception.SConnectorException: org.bonitasoft.engine.connector.ConnectorException: com.sun.mail.smtp.SMTPSendFailedException: 555 5.5.2 Syntax error. j23sm7235816edv.45 - gsmtp
at org.bonitasoft.engine.core.connector.impl.SConnectorAdapter.execute(SConnectorAdapter.java:75)
at org.bonitasoft.engine.connector.impl.ConnectorExecutorImpl$ExecuteConnectorCallable.call(ConnectorExecutorImpl.java:246)
at org.bonitasoft.engine.connector.impl.ConnectorExecutorImpl$ExecuteConnectorCallable.call(ConnectorExecutorImpl.java:206)
at org.bonitasoft.engine.connector.impl.ConnectorExecutorImpl.lambda$wrapForStats$1(ConnectorExecutorImpl.java:145)
at org.bonitasoft.engine.connector.impl.ConnectorExecutorImpl.lambda$execute$0(ConnectorExecutorImpl.java:132)
... 4 more
Caused by: org.bonitasoft.engine.connector.ConnectorException: com.sun.mail.smtp.SMTPSendFailedException: 555 5.5.2 Syntax error. j23sm7235816edv.45 - gsmtp
at org.bonitasoft.connectors.email.EmailConnector.executeBusinessLogic(EmailConnector.java:510)
at org.bonitasoft.engine.connector.AbstractConnector.execute(AbstractConnector.java:77)
at org.bonitasoft.engine.core.connector.impl.SConnectorAdapter.execute(SConnectorAdapter.java:73)
... 8 more
Caused by: com.sun.mail.smtp.SMTPSendFailedException: 555 5.5.2 Syntax error. j23sm7235816edv.45 - gsmtp
at com.sun.mail.smtp.SMTPTransport.issueSendCommand(SMTPTransport.java:2358)
at com.sun.mail.smtp.SMTPTransport.mailFrom(SMTPTransport.java:1823)
at com.sun.mail.smtp.SMTPTransport.sendMessage(SMTPTransport.java:1300)
at javax.mail.Transport.send0(Transport.java:255)
at javax.mail.Transport.send(Transport.java:124)
at org.bonitasoft.connectors.email.EmailConnector.executeBusinessLogic(EmailConnector.java:508)
... 10 more
I could manage to make it work like this: email@mail.com (name)
My problem is that i have special characters like: á é ü ű etc. If i use there then it doesnt work, i tried to convert it to url codes, but of course that wasnt the solution (altough the email was sent that way at least, but the characters where bad).
Any idea how to make a sender name like my name for example Zoltán? it has á character wich the program doesnt accept.
After reading about the InternetAddress class, that accepts the From String, i think there is no way to do this in the Bonita Connector. Because if you use non ASCII characters then you have to set the char set, and you cant do that because the connector doesnt have such parameter. So you cant use special characters in this connector for the alias.
If there this can work somehow i would appreciate the help.
But i will write my own e-mail sending connector, because i spent a lot of time trying to make the Bonita connector work, but it cant be configured this way.
Yes, I reproduce the issue with gmail smtp, it look like it doesn't support this format in the
fromfield (it works in thetofield however).I don't think it is a something we can fix Bonita side. Sorry.
Edit: Didn't see your last replies. If it can be fixed in the connector, please try to make a pull request on the official open source connector. I'll be glad to review it :)
Thank you for your time, it could fix it if the Bonita connector would use the InternetAddress class constructor with the three paramters:
public InternetAddress(java.lang.String address, java.lang.String personal, java.lang.String charset)And in the connector form we could set these parameters, so we would need 2 additional parameters in the form, of course just for me it is not something i want to ask you. It is just an idea, if my bosses decide they need the special characters, then i have to do it, and i will do it this way.
Again thank you, and have a nice day!
Dear Romain!
Sorry, but after pressing the new pull request button cant do anything. However i can send over the modified EmailConnector.java file to an e-mail address if that helps. Im finished with the modifications.
Best Regards:
Zoltán
Did you fork the repository ? Here is a guide that may help you.
Thanks for the help, i did it here it is:
https://github.com/zkurucsai/bonita-connector-email
I changed the email.def, and the EmailConnector.java file
Edit: I didnt test it yet.
You just have to create the PR from your fork, it will build and run the tests ! Thanks for your contribution.
I tried to create a PR but, i my commits didnt met the requirements, if i have some spare time i will make it work.
However, i tested the connector with this code, it works nice, now i can use non-ascii characters in alias name.
Great, for the requirements, the name of the must be something like:
feat(sender): add support for sender alias nameand you must sign a contribution licence agreement.
Thanks for pushing the extra mile.
Hi Zoltan, I've made a quick review of your PR and find out that using a RFC822 compliant format in the
fromfield should work without changing the code. I 've tested on my side with afromvalue like:romain.bioteau@bonitasoft.com (Romain Bioteau)and it is working as expected.What kind of character are you using that may lead to encoding issues ?
Hi
In youre case it worked because you did not use special characters. Please try romain.bioteau@bonitasoft.com (Rómáín Bíőtéáű), in our country these characters are very common in names.
Zoltan
After some reading in the spec, you can specify the charset like this:
romain.bioteau@bonitasoft.com (=?ISO-8859-2?Q?R=f3m=e1=edn B=ed=f5t=e9=e1=fb?=)I have use this online tool to retrieve the proper hex code for the 'special' characters.
I'll add some documentation about how to use this without the hassle of doing the hexa convertion manually.
Thanks again for your help !
Thank you for this information it will be useful for me in the future :)
Zoltan
Here is a groovy one-liner to encode it using utf-8:
"$emailNotificationSender (=?UTF-8?Q?=${emailNotificationSenderName.getBytes('UTF-8').collect{it & 0xFF}.collect{Integer.toHexString((int) it) }.join('=')}?=)"whereemailNotificationSenderis a process parameter containing the email address andemailNotificationSenderNameanother parameter with the name.This kinf of expression can be used in the
fromconnector input.