Recently, our SMTP server, renewed its SSL certificate.
Since this moment, Graylog cannot send notifications through our SMTP server.
How can I accept the new SSL cert?
The error at website is:
Could not send test alert notification
Sending test alert notification failed with message: Sending the email to the following server failed : correo.xxxxxxxxxx.com:587
(domain name changed)
And the error in /var/log/graylog-server/server.log is:
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141) ~[?:1.8.0_121]
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126) ~[?:1.8.0_121]
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) ~[?:1.8.0_121]
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382) ~[?:1.8.0_121]
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) ~[?:1.8.0_121]
at sun.security.validator.Validator.validate(Validator.java:260) ~[?:1.8.0_121]
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) ~[?:1.8.0_121]
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) ~[?:1.8.0_121]
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) ~[?:1.8.0_121]
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1496) ~[?:1.8.0_121]
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) ~[?:1.8.0_121]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026) ~[?:1.8.0_121]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:961) ~[?:1.8.0_121]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062) ~[?:1.8.0_121]
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) ~[?:1.8.0_121]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) ~[?:1.8.0_121]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) ~[?:1.8.0_121]
at com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:543) ~[graylog.jar:?]
at com.sun.mail.util.SocketFetcher.startTLS(SocketFetcher.java:480) ~[graylog.jar:?]
at com.sun.mail.smtp.SMTPTransport.startTLS(SMTPTransport.java:1994) ~[graylog.jar:?]
at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:709) ~[graylog.jar:?]
at javax.mail.Service.connect(Service.java:386) ~[graylog.jar:?]
at javax.mail.Service.connect(Service.java:245) ~[graylog.jar:?]
at javax.mail.Service.connect(Service.java:194) ~[graylog.jar:?]
at javax.mail.Transport.send0(Transport.java:253) ~[graylog.jar:?]
at javax.mail.Transport.send(Transport.java:124) ~[graylog.jar:?]
at org.apache.commons.mail.Email.sendMimeMessage(Email.java:1411) ~[graylog.jar:?]
... 33 more
Another message at Graylog website:
An error occurred while trying to send an email! (triggered an hour ago)
The Graylog server encountered an error while trying to send an email. This is the detailed error message: org.apache.commons.mail.EmailException: Sending the email to the following server failed : correo.xxxxxxxxx.com:587 (javax.mail.MessagingException: Could not convert socket to TLS; nested exception is: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)