Graylog can't send e-mails since we have a new mailserver

chris81 · February 18, 2020, 12:57pm

The error message is as follows:
"### An error occurred while trying to send an email! (triggered a few seconds ago)

The Graylog server encountered an error while trying to send an email. This is the detailed error message: org.apache.commons.mail.EmailException: Sending the email to the following server failed : imap.fleuchaus.com:587 (javax.mail.MessagingException: Could not convert socket to TLS; nested exception is: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target)"

Any ideas on how I might solve this?

shoothub · February 18, 2020, 1:59pm

I checked it, and your new server uses self signed certificate, which graylog don’t like:
openssl s_client -starttls smtp -showcerts -connect imap.fleuchaus.com:587 -servername imap.fleuchaus.com

Anyway, your SMTP server uses a lot of old protocols like RC4, SSL3 and so on:
nmap -Pn --script ssl-enum-ciphers imap.fleuchaus.com -p 587
https://www.immuniweb.com/ssl/?id=jeMgCjEK

system · March 3, 2020, 1:59pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Issue with smtp server Graylog Central (peer support)	1	670	May 14, 2019
Email ssl error Graylog Central (peer support)	5	1474	February 25, 2019
Smtp authentication Graylog Central (peer support)	2	1346	October 6, 2020
Graylog transport email error using gmail as smtp Graylog Central (peer support)	11	2738	February 12, 2018
Email Alerts self-signed cert - unable to find valid certification path to requested target Graylog Central (peer support) alert	4	931	March 30, 2023

Graylog can't send e-mails since we have a new mailserver

Related Topics