Remedy - Email Engine - Configuring JavaMail for TLS getting "Could not convert socket to TLS"

Version 1
    Share This:

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    PRODUCT:

    Remedy AR System Server


    APPLIES TO:

    9,x, 19.x



    PROBLEM:

    Trying to setup Email Engine for TLS per the documentation -

    Remedy - Email - Does the Remedy ARS Email engine support TLS (Transport Layer Security)?

    Log showing "Could not convert socket to TLS"

    Tested using -
    Remedy - Email Engine - How can I test my Mailbox Configuration outside of the Email Engine? Includes Video!

    NOTE snippet from Configuring SSL for the email engine -
    Email Engine does not support Transport Layer Security (TLS). However, Email Engine uses JavaMail, which supports the use of TLS parameters and therefore TLS can be used with Email Engine. For more information, see the https://communities.bmc.com/docs/DOC-95488 link on BMC Communities.


    CAUSE:

    Windows registry pointing to different Java location which did not have the mail server certification key.


    SOLUTION:

    1. Started Email Engine manually from the command prompt (run EmailStart.bat). Emails processed successfully over TLS.

    2. Checked the registry service setting for Email Engine and noticed Java path is different.

    E:\Java Link (x86)   <--- registry  (this supports MAPI)
    E:\Java Link   <-- EmailStart.bat  (already has cert key imported)

    3. Imported CA and cert key to "E:\Java Link (x86)".

    4. Restarted Email Engine from registry. Sent test email successfully over TLS.

    5. Enable TLS on the other Email Engine servers in server group:

    a. To Windows registry add -
    -Dmail.smtp.starttls.enable=true
    -Dmail.smtp,starttle.required=true


    b. To Windows registry change -  'JVM Option Count'  (this represents the number of JVM Options parameters)

    c. Import cert keys to "E:\Java Link (x86)".

    d. In AR System Email Messages Configuration form
    make sure you have the correct port and credentials from the SMTP mail server e.g.

    Email Server Requires SSL = No
    Email Server Port = 25  
    Email Server User =  <blank>
    Email Server Password = <blank>

    NOTE to use MAPI protocol you require 32-bit Java ref  Remedy - Email Engine - How to configure the EE using 64-bit Java to use the MAPI protocol with 32-bit Java?   Includes video

     


    Article Number:

    000175207


    Article Type:

    Solutions to a Product Problem



      Looking for additional information?    Search BMC Support  or  Browse Knowledge Articles