Troubleshoot SMTP inbound email using StartTLS - Alfresco Content Services - 23.4 - 23.4 - Ready - Alfresco - external

Alfresco Content Services

Platform
Alfresco
Product
Alfresco Content Services
Release
23.4
License

For StartTLS support to work for inbound email, you must configure SSL for Java.

To identify whether you’re having this problem, enable DEBUG logging for the class org.subethamail in your log4j2.properties file.

startTLS() failed: no cipher suites in common

Also, to enable efficient inbound mail server logging in debug mode, you need a log4j option that allows you to track mails, including the sender details, recipient details, subject and the reason for rejection/acceptance. To do so, enable DEBUG logging for the class org.subethamail.smtp.server.ConnectionHandler as shown:

logger.subethamail-smtp-server-ConnectionHandler.name=org.subethamail.smtp.server.ConnectionHandler
logger.subethamail-smtp-server-ConnectionHandler.level=debug  

The following process outlines one method for creating a self-signed certificate. However, this can differ between JVM vendors, so see the JVM documentation for more information.

  1. Create a suitable key and certificate:

     keytool -genkey -keystore mySrvKeystore -keyalg RSA
    
  2. Add the following somewhere in your Tomcat configuration. For example, /etc/tomcat5/tomcat7.conf.

    JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.keyStore=mySrvKeystore -Djavax.net.ssl.keyStorePassword=123456"