Skip to Content

Looking for help configuring Email Destination in BusinessObjects 4.2 SP4 with SSL?

Sep 07, 2017 at 09:14 PM


avatar image


Sorry for all the posts recently and for the long post here, trying some different things with SP4 since it is new and running into weird things.

While I have setup a SMTP Destination in BOBJ before, and have done SSL previously using an intermediate server forwarding the request, I have not gotten it to work properly configuring it inside BOBJ itself. with SP4, the options for StartTLS and the TLS options are there to do this, as well as an option to override the default certificate location.

I used openssl s_client -showcerts -connect to get the certificate chain ---- BEGIN CERTIFICATE ---- .... ---- END CERTIFICATE ---

Copied the certificate into a certificate.crt file and placed it in a directory D:\SSL\smtp-ssl. Copied this into the win64_x64 directory where the default location is, configured the server for with a port of 587 and connection Security for StartTLS with TLS version of 1.2 (verified with openssl). I also set the SMTP Certificate to: D:/SSL/smtp-ssl/certificate.crt

When I try to run a report, I get the following error: [SSL negotiation has failed during setup of the SMTP server connection, please ensure your SSL configuration is correct on both the client and the server.]. [CrystalEnterprise.SMTP]

I upped the logging level to High, ran it again, and see the following:

(destination_smtp.cpp:732) SSLCertPath: D:\SSL\smtp-ssl\certificate.crt
(opensslsocket.cpp:196) Could not load authorized certificate "D:\SSL\smtp-ssl\certificate.crt" from directory "". SSL error: error:00000000:lib(0):func(0):reason(0)
(csismtpmail.cpp:1103) Failed to connect to SMTP server: SSL negotiation has failed during setup of the SMTP server connection, please ensure your SSL configuration is correct on both the client and the server.
(destination_smtp.cpp:1440) destination_smtp: exception caught while connecting to server/sending smtp message. Details: [SSL negotiation has failed during setup of the SMTP server connection, please ensure your SSL configuration is correct on both the client and the server.].

I tried to move the certificate into the default location under win64_x64 and set the certificate path to the default variable, and got the same error message with the updated path to the certificate. I also tried to change it from StartTLS to SSL/TLS with port 465 and got the same result.

I am not sure what it means by an authorized certificate and why it shows directory as "". the certificate shows valid when opening the crt in Windows. Not sure why we need the email server certificate anyway since other tools can send SSL email without this, but that's besides the point.

We are trying to configure this with Amazon SES Email, but that shouldn't matter as we were able to create the SSL connection to it outside of BOBJ and send an email from that server with a test utility.

Has anyone configured the SSL Email before?

Thanks in advance,


10 |10000 characters needed characters left characters exceeded

Got same isue here on the gmail ssl smtp : Certificate verification failed: unable to get local issuer certificate

still work in progress on my side,


Hi Nathan,

Would be able to solve this issue?

We are having same issue since a week but unable to find the solution yet. Any pointers will be highly appreacited


* Please Login or Register to Answer, Follow or Comment.

1 Answer

Best Answer
Jorge Fausto Mar 08 at 09:57 PM

We are using BO 4.2 SP4 and I believe I finally found the correct SMTP address to use for Office365.

I just went through dozens of hours of trying out different SMTP addresses, ports, credentials, MX records, DNS addresses, setting up connectors, creating SSL certificates and tracing messages until I found a combination that worked... Mind you this is the first time that we are using Crystal BO and all other service accounts that have ever sent out from our system used

First, I would like to point out that we are using proofpoint as a mail filtering service and our MX records were pointing to our spam filter address, however, I found that in order to get the email system to work, you have to use the original "Point to address or value" which in our case was ""

This is how my adaptive job server [destination] settings looked like:

Destination: Email

Domain Name: this was left blank


Port: 25

Authentication: None


Password: ********


"TO", "CC", "Subject", and "Message", "Deliver Document(s) as Attachment" should be irrelevant and up to you.

Enable SSL: This option was left UNCHECKED

Note: even though I selected "none" under authentication, the jobs would fail if there was no username and password in the provided fields.

If you have access to the office365 portal you should be able to find the "Point to address or value" under Setup>Domains, then look for the "MX Records", If there are more than one, you may have to try all of them and see which one works for you.

Hope this helps you folks.

Show 2 Share
10 |10000 characters needed characters left characters exceeded


Thanks for the response.

That still leaves it unencrypted still since it isn't ssl to the url and is running through port 25, but we kind of gave up on it and just went with the old method of using a local email relay that supports SSL email forwarding, that way it never leaves the box without being SSL.

Since I haven't gotten any other answer, I am going to accept this one since it does show a working setup for Office365 which itself was hard to find.

Thanks again.


Hello Nathan Truhan

So as far as I understand there is no way to make work BusinessObjects 4.2 with a SSL SMTP directly ? The 'Enable SSL' feature is basically broken ?