SocketTimeoutException when sending email With STARTTLS
プラットフォームについて: Cloud および Data Center - この記事はクラウドと Data Center 両方のプラットフォームに等しく適用されます。
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Fisheye および Crucible は除く
問題
When sending a test email via an STARTTLS connection mail won't be sent and the following error message is displayed:
com.atlassian.mail.MailException: javax.mail.MessagingException: Exception reading response;
nested exception is:
java.net.SocketTimeoutException: Read timed outThe following appears in the atlassian-confluence.log
An error has occurred with sending the test email:
com.atlassian.mail.MailException: javax.mail.MessagingException: Exception reading response;
nested exception is:
java.net.SocketTimeoutException: Read timed out
at com.atlassian.confluence.jmx.JmxSMTPMailServer.doSendWithMessageIdSupport(JmxSMTPMailServer.java:143)
at com.atlassian.confluence.jmx.JmxSMTPMailServer.send(JmxSMTPMailServer.java:88)
at com.atlassian.confluence.admin.actions.mail.SendTestEmailAction.execute(SendTestEmailAction.java:60)
診断
環境
If you unsure you had STARTTLS mail server or SSL mail server, you can you below's tool to identify it
http://www.checktls.com/perl/TestReceiver.pl
ソリューション
Since STARTTLS upgrades the connection to TLS after it has been established, the standard way of retrieving SSL certificates will not work.
Additional argument "-starttls smtp" is required in the openssl call.
openssl s_client -debug -connect mail.mycompany.com:587 -starttls smtp < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > public.crt
jre/bin/keytool -import -alias tomcat -keystore jre/lib/security/cacerts -file public.crt
Standard certificate store password is "changeit".
Repeating this for all required certificates