Installing trusted intermediate certs on ActiveIQ Unified Manager (exOCUM) 9.7P1 for mailauth and AD

mario_grunert · ‎2020-10-09

I dont' get mails out with a new mailhost wich requires authentification, TSL and SSL.

I also could not bind to our domain (which require SecureLDAP for authentification.

As i have no clue what could it be i tried first if i could authentificate on a "plain" not by company managed linux instance, it failed until i updated the root certs.

So I gained root access for the appliance VM (press e on bootup and init=/bin/bash - passwd and modify sshd.conf) :
openssl s_client -connect authmail.acme.biz:587 -starttls smtp --> showed errors
openssl s_client -connect authmail.acme.biz:587 -starttls smtp -CAfile certchain.pem --> worked
cp the chain in /usr/local/share/ca-certificates/extra and run update-ca-certificates
openssl s_client -connect authmail.acme.biz:587 -starttls smtp --> looks fine

But sending out emails or testing "Remote Authentification" still fails.
"Failed to send email. Check that the SMTP server is configured correctly and refer to the SMTP server logs for details. Additional details: Could not connect to SMTP host: authmail.acme.biz port: 587"

Does the use separate root ca stores i am not aware of ?
Which username format should i use for authentification against ActiveDirectory and Mailhost, UserprincipleName myuser@acme.biz or Netbios ACME\myuser format ?

paul_stejskal · ‎2020-10-14

Sorry for the latent reply. I'd open a support case since it isn't working.

Installing trusted intermediate certs on ActiveIQ Unified Manager (exOCUM) 9.7P1 for mailauth and AD

The Future of Storage, Built for the AI Era

NetApp Support Site Wins Silver Stevie® Award