Android Question SMTP Exchange Server Problem

mmieher · Jun 11, 2016

I am trying to send SMTP email via our Exchange Server 2016. I use this code:

B4X:

      SMTP1.Initialize("*******.com", 587, "user", "pwd", "SMTP")

      SMTP1.StartTLSMode = True
   
      SMTP1.AuthMethod = SMTP1.AUTH_LOGIN

However, when I do the SMTP1.Send I get the following error:

java.security.cert.CertPAthValidatorException: Trust anchor for certification path not found.

Ideas?

Marc

Erel · Jun 12, 2016

The device doesn't trust the server certificate. You need to add it to the device credentials store: https://www.guyrutenberg.com/2013/03/16/manually-install-ssl-certificate-in-android-jelly-bean/

mmieher · Jun 13, 2016

Thanks, Erel. That might work on my phone, but what about the potentially hundreds of other phones that download my App from the PlayStore?

Erel · Jun 13, 2016

The best solution is to install a known certificate on the server.

Currently SMTP doesn't support self signed certificated.

mmieher · Jun 13, 2016

I have GoDaddy certificates on the Exchange Server. It is not self-signed.

I can connect just find with an IMAP or POP3 config on my Android device, just not through my B4A App.

mmieher · Jun 13, 2016

Never mind, Erel. I now think I do have a certificate problem on Exchange Server. It is not using the GoDaddy one. Sorry for the fire drill.

mmieher · Jun 13, 2016

I got the certificate thing worked out but still get the "Trust anchor for certification path not found" error.

Here is the DigiCert report for the site:

Erel · Jun 14, 2016

Maybe this will be helpful: http://stackoverflow.com/questions/36838470/android-does-not-trust-a-certificate

mmieher · Jun 15, 2016

Thanks, Erel. Using your link I tested my certificate path setup at SSL Labs and the Exchange Server is delivering the intermediate certificate. I also verified this with GoDaddy support.

However, I have noticed that even when setting up IMAP on my Android email, I must choose "TLS Accept All Certificates". Selecting just TLS gives me a certificate error. I also noticed that all the Android documentation for setting up email specifically tells you to "Select All Certificates".

Is there a way in B4A to specify "TLS Accept All Certificates"?

Erel · Jun 16, 2016

mmieher said:
I also noticed that all the Android documentation for setting up email specifically tells you to "Select All Certificates".

This can't be correct as it is a huge security hole.

mmieher said:
Is there a way in B4A to specify "TLS Accept All Certificates"?

Currently no.

mmieher · Jun 16, 2016

I agree something is not right. Just stumped because certificate reports all say it is Ok. Even GoDaddy agreed. Site is owa.evhops.com.

Android Question SMTP Exchange Server Problem

mmieher

Active Member

Erel

B4X founder

mmieher

Active Member

Erel

B4X founder

mmieher

Active Member

mmieher

Active Member

mmieher

Active Member

Erel

B4X founder

mmieher

Active Member

Erel

B4X founder

mmieher

Active Member

Similar Threads