In the past couple of weeks, we've had several customers start having issues with voicemail notifications generated from the CUE module. I've tried multiple providers (google,yahoo, outlook.com) and I get similar errors for all of them. The debug is
2327 01/03 14:31:06.216 VMSS mnot 0 DEBUG: getProvider() returning javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Sun Microsystems, Inc] DEBUG SMTP: useEhlo true, useAuth true DEBUG SMTP: trying to connect to host "smtp.gmail.com", port 465, isSSL false Send failed, UID=0 2327 01/03 14:31:06.225 VMSS mnot 0 EmailSender: Error sending emailjavax.mail.MessagingException: Could not connect to SMTP host: smtp.gmail.com, port: 465; nested exception is: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I've generated a new SSL cert on the CUE module, I can ping the hostname from the CUE module, there's no ACL blocking, but I get the same thing. Is anyone else having a similar issue or have any suggestions?
I want to add on this issue. It's a major flaw that there is no way to add root certificates for SMTP without shell access, especially for the devices which cannot be placed under support.
In the past I was able to upload valid these by hacking to shell access, for that I had patched an installation image, corrected the checksum, booted, mounted the disk and uploaded to cacert storage. With the SRE hardware (secure bootstrap) that is not possible anymore, but one could try removing the disk, mounting on a linux system and update cacert from there.
The only valid workaround remains to setup a local SMTP server that then relays as needed.