cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Mail sender adapter POP3 over SSL error

Former Member

on ‎11-12-2014 10:08 PM

0 Kudos

Hello,


I'm getting this error while trying to configure sender mail adapter over SSL.

Error : "exception caught during processing mail message; iaik.security.ssl.SSLCertificateException: Peer certificate rejected by ChainVerifier"

Based on my search in SCN I understood it's something to do with the certificate I installed, but need help to fix the error.

I loaded the root server CA certificate to trusted CA in the keystore, it didn't help..what other certificates do I need to install and where?



URL : pops://xxx.abc.com

I didn't give the port as 995 in the URL as that's the default PI port.

We use exchange server, so please advise what other certificates I needed to establish this connection over SSL and where do I need to load these certificates. How the mail adapter knows which certificate it needs to use as I do not see any path to be mentioned in the communication channel.

If I tried to use without SSL with pop://xxx.abc.com I'm getting an error saying "exception caught during processing mail message; java.io.IOException: unexpected greeting response; read *****( some weird characters)


Review and advise.

Thank you.

Larry.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
‎11-17-2014 11:08 PM
0 Kudos

In the default trace I see this error, can you please review and advise whats wrong here?

Message:    additional info ssl_debug(9): Starting handshake (iSaSiLk 4.403)...

ssl_debug(9): Sending v3 client_hello message to xxx.abc.com:995, requesting version 3.1...

ssl_debug(9): Received v3 server_hello handshake message.

ssl_debug(9): Server selected SSL version 3.1.

ssl_debug(9): Server created new session ...

ssl_debug(9): CipherSuite selected by server: SSL_RSA_WITH_RC4_128_SHA

ssl_debug(9): CompressionMethod selected by server: NULL

ssl_debug(9): TLS extensions sent by the server: renegotiation_info (65281)

ssl_debug(9): Server supports secure renegotiation.

ssl_debug(9): Received certificate handshake message with server certificate.

ssl_debug(9): Server sent a 2048 bit RSA certificate, chain has 2 elements.

ssl_debug(9): ChainVerifier: Error verifying certificate chain: java.security.SignatureException: Signature decryption error: javax.crypto.BadPaddingException: Invalid PKCS#1 padding: no leading zero!

ssl_debug(9): Sending alert: Alert Fatal: bad certificate

ssl_debug(9): Shutting down SSL layer...

ssl_debug(9): SSLException while handshaking: Peer certificate rejected by ChainVerifier

Thank you

Larry.

Show replies
Show replies
Former Member
‎11-18-2014 12:00 AM
0 Kudos

Hi Larry,

Most likely your public certificate and private certificate do not match or  wrong certificate being used for validating the signature. Please check your private and its corresponding public certificate.

Thanks,

Krupa

Former Member
‎11-13-2014 5:43 AM
0 Kudos

Hi Larry,

I think, the problem might be with cache, try to do full cache refresh by adding server details in the mentioned below URL, after full cache successful, test the interface again and the result.

http ://<server>:<port>/CPACache/refresh?mode=full

If it doesn't work use XPI inspector to get the more trace logs by following the Michal's blog.

http://scn.sap.com/community/pi-and-soa-middleware/blog/2012/01/12/michals-pi-tips-xpi-inspector--he...

Regards,

Krupa

Show replies
Show replies
nabendu_sen
Active Contributor
‎11-12-2014 11:31 PM
0 Kudos

Hi Larry,

Use default port 995 for POP3 over SSL.


SAP Note 856599 - FAQ: XI 3.0 / PI 7.0 / PI 7.1 Mail Adapter

You don't need to provide anything in the Communication Channel for SSL.

Check these too:

Regards,

Nabendu.

Show replies
Show replies
Ask a Question