Hi, can disable ssl and test to ensure cert is the issue. Thanks, Rupesh On Wed, Jul 23, 2025 at 12:14 PM Matt Pryor < pr...@international-presence.com> wrote:
> Hi all, > > Running the latest code, Apache James 3.8.2 Server JPA Guice. > > I'm seeing this error below when attempting to deliver to some recipients' > mail servers: > > 2025-07-22 12:17:49.917 [DEBUG] o.a.j.t.m.r.d.MailDelivrer - Exception > delivering message > (Mail1753186668620-a77a76bb-d3f4-4170-9f5e-8ca8159a2276-to-zzzzzzz.com) - > Could > not convert socket to TLS > 2025-07-22 12:17:49.918 [INFO ] o.a.j.t.m.r.d.MailDelivrer - Could not > convert socket to TLS > > My mailetcontainer.xml contains the following, it seems to work on most > occasions but (sod's law) not when the customer is testing it. > > <processor state="relay" enabledJmx="true"> > <mailet match="ALL" class="RemoteDelivery"> > .... > <startTLS>true</startTLS> > </mailet> > </processor> > > I enabled -Djavax.net.debug=ssl:handshake:verbose, -Dmail.debug=true and > after inspecting stderr I believe what's causing it is not trusting the > remote server's SSL certificate which causes Javamail to abandon the > connection. > > Testing with openssl, it seems that the SSL certificate CN doesn't match > the server hostname. > > This must be a common problem in the wild. > > Does anyone have any workarounds? I've tried setting > -Dmail.smtp.ssl.trust=* but it doesn't seem to make any difference. > > Many thanks in advance. > > Kind regards > Matt Pryor > Research and Development Manager > > The International Presence Group of Companies > EMAIL: pr...@presencebpm.com > URL: www.International-presence.com >
