Email sending error - certificate issue after upgrading to Kentico 13

Neelima Kanthala asked on February 13, 2024 00:09

Getting below error while sending an email from Kentico 13 admin -> system -> email with basic smtp authentication settings.

It was working fine from kentico 12 portal engine with same smtp server and authentication.

SMTP server has old expired certs and also new cert with validity. How can I get application to pick the valid cert and make it work

An error occurred while attempting to establish an SSL or TLS connection. The server's SSL certificate could not be validated for the following reasons: • The server certificate has the following errors: • A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. (hide details) Message: An error occurred while attempting to establish an SSL or TLS connection. The server's SSL certificate could not be validated for the following reasons: • The server certificate has the following errors: • A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. Exception type: MailKit.Security.SslHandshakeException Stack trace: at MailKit.Net.Smtp.SmtpClient.d__100.MoveNext() in D:\src\MailKit\MailKit\Net\Smtp\SmtpClient.cs:line 1421 --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at MailKit.Net.Smtp.SmtpClient.Connect(String host, Int32 port, SecureSocketOptions options, CancellationToken cancellationToken) in... Please see the event log for more details.

Recent Answers

Ben Quinlan answered on February 13, 2024 13:51

Given you have mentioned upgrading from K12 Portal Engine to K13, my first thought would be that this may be related to the website being deployed to new infrastructure. The error returned is quite explicit in that the issue is that the SSL/TLS certificate returned is not within its validity period.

  • First and easiest check would be to validate that the server time is correct.
  • If you are using an internal relay, as opposed to a third party provider (e.g. SendGrid), then its possible the certificate has expired. You can then reach out to whoever manages the internal relay to confirm that validity of the certificate.
  • If using a third part provider, while not impossible, it is less likely the certificate has expired. In this case I would probably investigate whether there are any proxies or SSL inspection services as part of the outbound requests that be causing issue with SSL/TLS validation.
0 votesVote for this answer Mark as a Correct answer

Neelima Kanthala answered on February 15, 2024 17:58 (last edited on February 15, 2024 18:05)

Thanks Ben for the reply. Looks like SSL not enabled on the network and test email from admin was working using smtp server name and EmailFrom address should be same as SMTP user account or need to setup send as feature on email account.

When I try to send email using KenticoUserManager.SendEmailAsync method, emails are sitting in the queue and not going out. Noticed emailSiteId is not being passed from kenticoUserManager in CMS_Email table. Can you please advise how SiteID is being picked in SendEmailAsync method. I assume emails not going out because siteId is zero.

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.