Hi Sean and Maxim
Thank you for your comments and advices.
Firstly I tried to do with custcerts keystore but I could not remove error.
Based on the indicating "the a certificate file upload widget below the "test connection" button", I finally noticed the widget.
Since the widget is below the "error message", the widget was not displayed without moving scroll bar down to bottom.
Finally I had the successful test connection. "test connection button"
"error message" <--- colored red (initially here was the bottom of my pc browser's screen)
"certificate upload widget"
I wonder the reason why custcerts keystore did not work form me may be related to the differences between resilient-messaging.service and resilient-email.service.
------------------------------
Yohji Amano
------------------------------
Original Message:
Sent: Wed January 08, 2020 04:46 AM
From: MAXIM ANTONOV
Subject: how to proceed the error message of inbound email configuration
Hi Yohji,
I see you have used the "test connection" button to verify if the inbound email connection works, and you got the "untrusted certificate" error. In this case the UI presents a certificate file upload widget below the "test connection" button. There is no need to do anything with keystores, certificates are added through the UI. Upload the email server certificate file using the presented file upload widget. After uploading the file, clicking "test connection" should return a successful response.
------------------------------
MAXIM ANTONOV
Original Message:
Sent: Wed January 08, 2020 02:07 AM
From: Yohji Amano
Subject: how to proceed the error message of inbound email configuration
I encountered the following error message during Resilient V35 inbound email configuration (Exchange protocol) test connection.
Connection to mailbox '<mailbox_name>' failed. There was a problem with the server certificates. Upload the correct mailbox server certificates to complete the connection.
I took the the above error message would come from un-trusted SSL certificate of exchange server. So I followed the steps of "Importing untrusted certificates"
of "https://www.ibm.com/support/knowledgecenter/SSBRUQ_35.0.0/com.ibm.resilient.doc/install/resilient_install_importuntrusted.htm".
But I still cannot remove the error. How should I proceed the against the error message?
/var/log/resilient-email/resilient-email.log repeatedly error logs:
16:02:40.368 [Camel (camel-1) thread #41 - res-ews://https://ews.example.com/ews/exchange.asmx] WARN v=unknown c.i.r.c.EwsScheduledBatchPollingConsumer - Caused by: [javax.mail.MessagingException - Unable to create Query]javax.mail.MessagingException: Unable to create Query at com.ibm.resilient.camelcomponentews.EwsApiImpl.createQuery(EwsApiImpl.java:337) at com.ibm.resilient.camelcomponentews.EwsApiImpl.getAvailableMessageCount(EwsApiImpl.java:355) at com.ibm.resilient.camelcomponentews.EwsScheduledBatchPollingConsumer.getAvailableMessageCount(EwsScheduledBatchPollingConsumer.java:38) at com.ibm.resilient.camelcomponentews.EwsScheduledBatchPollingConsumer.poll(EwsScheduledBatchPollingConsumer.java:83) at org.apache.camel.impl.ScheduledPollConsumer.doRun(ScheduledPollConsumer.java:174) at org.apache.camel.impl.ScheduledPollConsumer.run(ScheduledPollConsumer.java:101) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:522) at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:319) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:191) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:305) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1160) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) at java.lang.Thread.run(Thread.java:812)Caused by: microsoft.exchange.webservices.data.core.exception.service.remote.ServiceRequestException: The request failed. java.security.cert.CertificateException: Self-signed mail server certificate detected when the following error occurred: at microsoft.exchange.webservices.data.core.request.SimpleServiceRequestBase.internalExecute(SimpleServiceRequestBase.java:74) at microsoft.exchange.webservices.data.core.request.MultiResponseServiceRequest.execute(MultiResponseServiceRequest.java:158) at microsoft.exchange.webservices.data.core.ExchangeService.internalFindFolders(ExchangeService.java:377) at microsoft.exchange.webservices.data.core.ExchangeService.findFolders(ExchangeService.java:402) at com.ibm.resilient.camelcomponentews.EwsApiImpl.getFolderId(EwsApiImpl.java:262) at com.ibm.resilient.camelcomponentews.EwsApiImpl.getFolderId(EwsApiImpl.java:218) at com.ibm.resilient.camelcomponentews.EwsApiImpl.createQuery(EwsApiImpl.java:329) ... 12 common frames omittedCaused by: java.lang.RuntimeException: java.security.cert.CertificateException: Self-signed mail server certificate detected when the following error occurred: at com.ibm.resilient.camelcomponentews.EmailHostnameVerifier.verify(EmailHostnameVerifier.java:89) at com.ibm.resilient.camelcomponentews.EmailHostnameVerifier.verify(EmailHostnameVerifier.java:60) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:461) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:395) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:353) at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:141) at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353) at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380) at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236) at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184) at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88) at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82) at microsoft.exchange.webservices.data.core.request.HttpClientWebRequest.executeRequest(HttpClientWebRequest.java:292) at microsoft.exchange.webservices.data.core.request.ServiceRequestBase.getEwsHttpWebResponse(ServiceRequestBase.java:722) at microsoft.exchange.webservices.data.core.request.ServiceRequestBase.validateAndEmitRequest(ServiceRequestBase.java:646) at microsoft.exchange.webservices.data.core.request.SimpleServiceRequestBase.internalExecute(SimpleServiceRequestBase.java:62) ... 18 common frames omittedCaused by: java.security.cert.CertificateException: Self-signed mail server certificate detected when the following error occurred: at com.resilient.email.SelfSignedCertificateAwareTrustManager.checkServerTrusted(SelfSignedCertificateAwareTrustManager.java:97) at com.ibm.resilient.camelcomponentews.EmailHostnameVerifier.verify(EmailHostnameVerifier.java:74) ... 35 common frames omittedCaused by: java.security.cert.CertificateException: None of the TrustManagers trust this MAILSERVER certificate chain. at com.resilient.email.SelfSignedCertificateAwareTrustManager.checkServerTrusted(SelfSignedCertificateAwareTrustManager.java:85) ... 36 common frames omitted
------------------------------
Yohji Amano
------------------------------