Skip to Content
1
Sep 07, 2017 at 09:14 PM

Looking for help configuring Email Destination in BusinessObjects 4.2 SP4 with SSL?

3300 Views Last edit Nov 20, 2017 at 05:42 PM 3 rev

Hello,

Sorry for all the posts recently and for the long post here, trying some different things with SP4 since it is new and running into weird things.

While I have setup a SMTP Destination in BOBJ before, and have done SSL previously using an intermediate server forwarding the request, I have not gotten it to work properly configuring it inside BOBJ itself. with SP4, the options for StartTLS and the TLS options are there to do this, as well as an option to override the default certificate location.

I used openssl s_client -showcerts -connect email-smtp.us-east-1.amazonaws.com:465 to get the certificate chain ---- BEGIN CERTIFICATE ---- .... ---- END CERTIFICATE ---

Copied the certificate into a certificate.crt file and placed it in a directory D:\SSL\smtp-ssl. Copied this into the win64_x64 directory where the default location is, configured the server for email-smtp.us-east-1.amazonaws.com with a port of 587 and connection Security for StartTLS with TLS version of 1.2 (verified with openssl). I also set the SMTP Certificate to: D:/SSL/smtp-ssl/certificate.crt

When I try to run a report, I get the following error: [SSL negotiation has failed during setup of the SMTP server connection, please ensure your SSL configuration is correct on both the client and the server.]. [CrystalEnterprise.SMTP]

I upped the logging level to High, ran it again, and see the following:

(destination_smtp.cpp:732) SSLCertPath: D:\SSL\smtp-ssl\certificate.crt
(opensslsocket.cpp:196) Could not load authorized certificate "D:\SSL\smtp-ssl\certificate.crt" from directory "". SSL error: error:00000000:lib(0):func(0):reason(0)
(csismtpmail.cpp:1103) Failed to connect to SMTP server: SSL negotiation has failed during setup of the SMTP server connection, please ensure your SSL configuration is correct on both the client and the server.
(destination_smtp.cpp:1440) destination_smtp: exception caught while connecting to server/sending smtp message. Details: [SSL negotiation has failed during setup of the SMTP server connection, please ensure your SSL configuration is correct on both the client and the server.].

I tried to move the certificate into the default location under win64_x64 and set the certificate path to the default variable, and got the same error message with the updated path to the certificate. I also tried to change it from StartTLS to SSL/TLS with port 465 and got the same result.

I am not sure what it means by an authorized certificate and why it shows directory as "". the certificate shows valid when opening the crt in Windows. Not sure why we need the email server certificate anyway since other tools can send SSL email without this, but that's besides the point.

We are trying to configure this with Amazon SES Email, but that shouldn't matter as we were able to create the SSL connection to it outside of BOBJ and send an email from that server with a test utility.

Has anyone configured the SSL Email before?

Thanks in advance,

Nathan