Error msg with SMTP Email and SSL certificate - need any help please !

[tglomb]

Hello,
I must send an email via SSL to a SMTP Server. An external request is that I must use a Java keystore file *.jks ! I have no *.pem available and this is also not an option. Username, PWD and keystore file are Ok, because I can open an external Web Config App and doing changes there.
The code is:
--------------------------------------------------------------------------
ThisSend.SSL                 = 1
 ThisSend.SecureEmailStartTLS = 0
 if ThisSend.SSL or ThisSend.SecureEmailStartTLS
   ThisSend.AuthUser     = 'myname'
   ThisSend.AuthPassword = '1234567890'
   ThisSend.SSLCertificateOptions.CertificateFile = ''
   ThisSend.SSLCertificateOptions.PrivateKeyFile = 'D:\somefolder\mailkeystore.jks'
   ThisSend.SSLCertificateOptions.DontVerifyRemoteCertificateWithCARoot = 0
   ThisSend.SSLCertificateOptions.DontVerifyRemoteCertificateCommonName = 0
   ThisSend.SSLCertificateOptions.CARootFile = ''
 end
ThisSend.SetRequiredMessageSize( 0, len( clip( loc:theText)), 0)
 if ThisSend.Error = 0
   if len( clip( loc:theText)) > 0
     ThisSend.MessageText= clip( loc:theText)
   end
   setcursor( CURSOR:WAIT)
   display()
   ThisSend.SendMail( NET:EMailMadeFromPartsMode)
------------------------------------------------------------------
I got the Error -68 "SSL failed to load the CA root file".

So, how to use jks files. Any hints apreciated.
TIA, Thomas

[Bruce]

NetTalk uses OpenSSL. OpenSSL uses the PEM store. You can convert the JKS to .PEM - but you can't use JKS directly.

Sorry.
Bruce

[tglomb]

Thnx Bruce, I'll look for a converter and report back.

[Bruce]

converting is easy. Google "converting JKS to PEM"

cheers
Bruce

[tglomb]

yup, I could convert my .jks successfully. I also could send an email to that special email server using a ThisSendEmail object. At least I got no error message, what ever that means..
Their System always answers, so I need to receive their answers via POP3. Here I get now always the following error message:

"Nettalk object error"
A Network communication error has occurred.
Error = The POP (Email) Server returned error =.
Error occurred in function NetMail._ProcessRaiseError

I tried also hte Receive and Emaildontdownloadagain Demo's.. same error.
Any ideas ?
TIA Thomas

[Bruce]

usually I use the NetDemo example, EmailReceive procedure, to play around with the settings to see what is happening. You can view the "raw conversation" between the Demo program and the Email server, and you can also play with any number of settings to see what's going on.

cheers
Bruce

[tglomb]

Ok, sorry for bore the pants of you Bruce.. ;-)
But can you give me a hint of how to "You can view the "raw conversation" between the demo program and the Email Server".. how or where I can see it please ?
TIA, Thomas

[Bruce]

I would have pointed you at the LOG tab, but interestingly the Emailreceive procedure doesn't have one. (The EmailSend, and a bunch of others do, but not EmailReceive.) That's an oversight, so I've added it to the demo for the next build.
I've attached an updated demo app here. So, um, use that, and then see the Log tab.

cheers
Bruce


[attachment deleted by admin]

[tglomb]

thnx Bruce for your awesome Support ! Highly appreciated !
Do you have an idea why the communication breaks with or after the "." There should be 2 emails waiting, so this seems to be Ok. (user/pwd/ect grayed out here). TIA Thomas

CONNECTED
 << +OK POP3 server (************) ready

 >> USER *******************

 << +
 << OK

 >> PASS **********************

 << +
 << OK Welcome *********************

 >> STAT

 << +
 << OK 2 0

 >> LIST

 << +
 << OK
1 0
2 0
.

[tglomb]

ahhh...
two email but of zero size !? and maybe thatswhy the break without any error msg ?
Ok, it's time for a suggestion.. NT breaking here with a meaningful error msg ;-)

Now it's their turn to explain why Zero size..
Thnx again Bruce.

[tglomb]

Housten, we have a problem !
They looked into the mailbox and confirmed that there are 2 mails waiting and that both have a size > 0 !

So, what can be wrong with STAT or LIST returning non-zero count but zero size ?
TIA, Thomas

[Bruce]

apparently, from what I can determine, it's a technique email servers use to indicate that the mail is there, but has already been downloaded by someone.  Goolge showed these people having the same problem
http://productforums.google.com/forum/#!msg/gmail/4VCDiwV_9eM/r7MfdXAWFtwJ

What email server are you connecting to? And if you delete the two errant emails, are you able to download new emails? and what happens after that?

cheers
Bruce

[tglomb]

I only know it's a Java based system, high secure, non public. I connect to it over a Software component of them which acts as a local email Server and tunnel to their system. I send emails and get an automatically created response email in my mailbox. I sent 2 emails, I got 2 respnses so far. The mails are not touched, have non-zero Content and not marked for deleting. I cannot delete it explicitely by myself, only in a "non UI" process of a POP3 communication (download and delete together; this is part of the protocol of the mother process..).
For every new send mail (works fine) the first retrieve shows zero content of the answer mails.
Any ideas ?
TIA, Thomas

[Bruce]

Unfortunately the next step is to look inside the class, and figure out what path it is taking. Obviously I can't access your sever from here, so I can't debug it for you. But you'll need to follow through the code as it does the LIST, and then see what decisions it makes after that.

cheers
Bruce

[tglomb]

I'm sorry Bruce for that trouble I make. But this is part of a new certification of my software against the authority of our public (governmental) health system and I'm under pressure...

Meanwhile they gave me a one time certificate for an "outside of process" usage and I could successfully retrieve the pending emails via Thunderbird portable.
So the certificate cannot be the prob, they use JKS, with NT I use PEM, Thunderbird uses PKCS (the last two I converted from the base JKS).

The response mails are formal and of type "message disposition notification" (MDN) according to RFC 3798, thus:  content-type "multipart/report" with report-type "disposition-notification". Are ringing the bells maybe ? 

Ok, I try to debug the classes regarding LIST..