Email Config Setup
Steps
Step 1: Install OpenSSL (Unix box) 2
Step 2: Create Certificate of Gmail SMTP (Not required when connecting to local Exchange) 2
Certificate ( save it as smtp-gmail.txt) 2
Step 3: Go to Middleware Installation location : Server Lib 3
Run below command at cmd / console 6
save console output as certificate (gmail-imap-cert.pem) 6
Run command for certificate Import (Weblogic / server / lib) 7
Click on User Messaging Services – Email 10
Enter Sender address as Blank 11
Enter Imap and SMTP details as below snapshot 12
Click on Soa – Infra – Workflow properties 13
Step 1: Install OpenSSL (Unix box)
-
wget http://www.openssl.org/source/openssl-1.0.1g.tar.gz.md5
-
md5sum openssl-1.0.1g.tar.gz
-
cat openssl-1.0.1g.tar.gz.md5
-
make
-
sudo make install
-
/usr/local/openssl/bin/openssl version
OpenSSL 1.0.1g 7 Apr 2014
Step 2: Create Certificate of Gmail SMTP (Not required when connecting to local Exchange)
openssl s_client -connect smtp.gmail.com:465 > gmail-smtp-cert.pem
Certificate ( save it as smtp-gmail.txt)
—–BEGIN CERTIFICATE—–
MIIEgDCCA2igAwIBAgIIbMdvNv1SL+UwDQYJKoZIhvcNAQELBQAwSTELMAkGA1UE
BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl
cm5ldCBBdXRob3JpdHkgRzIwHhcNMTYxMjE1MTM0NzU1WhcNMTcwMzA5MTMzNDAw
WjBoMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEXMBUGA1UEAwwOc210
cC5nbWFpbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQjZ2Z
5ImVyYAD6SXJo0Rx/k5Ej5oKVpLgoCxt8xJHpiWZ8mLEgG8346g6Zd/uGk0LXep6
fAzFBgjcgwlAwbT2OXA+CpdRrpiBls9U7ZVlfMuxv4SJjzdzqtXyaZr3ZazeKVc9
qewkiG+uPI5P3G2oRq1DKwFVDE4zUMJgiAF9rEXTEID83RoJX3oTXd3sYyzbTrtU
J/ZRflTEt+KwXf5KYY0ukIOYoH4Y7cms2WsU15E+O37Ktx3VPEmxZbUcg2IUNr+G
1HDOlVr9gS41Zo1iyaq5Ym4LJ73BxWx/4u5WUt9TmiGFzi/wTZZrER6P6HOtZ5eK
IreSihW+lJJF/p+7AgMBAAGjggFLMIIBRzAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwGQYDVR0RBBIwEIIOc210cC5nbWFpbC5jb20waAYIKwYBBQUHAQEE
XDBaMCsGCCsGAQUFBzAChh9odHRwOi8vcGtpLmdvb2dsZS5jb20vR0lBRzIuY3J0
MCsGCCsGAQUFBzABhh9odHRwOi8vY2xpZW50czEuZ29vZ2xlLmNvbS9vY3NwMB0G
A1UdDgQWBBS8KjjFZ3i+sOSWDxVrVdwxYz2Z9TAMBgNVHRMBAf8EAjAAMB8GA1Ud
IwQYMBaAFErdBhYbvPZotXb1gba7Yhq6WoEvMCEGA1UdIAQaMBgwDAYKKwYBBAHW
eQIFATAIBgZngQwBAgIwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n
bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQsFAAOCAQEAXGvMhx4eDA1qRtE4
x7v0CR+sk4L+PDoyqmuO9Dzq22Jaet/+0aZ4A/ylyTWZkBsayES18ptoKe0A21tr
sxv7vvU072ZnXXLM+Q9vFrd6NQaAlGB5OcfnJoLppv/P5o9AmHQfgYCJq5HmHUa5
tKWfne3wtZXwaM2aI3Rf7FtwBbgR9teWpkfVq7oFpZWYf+FRPC3iVFZ8dqlVnwGU
l55XKckNXixCAt5UMuQdgTYXMZuhJVySwzl5wcsP1tYUBOAWPI/cLy2rIUqBdPda
erNEvtmiTFX0ArYotLnIqZ1XZ1o6XmbrYfF5t3TGj4iJQHSi3emTSvMXzjnmkf02
f3iIMw==
—–END CERTIFICATE—–
Step 3: Go to Middleware Installation location : Server Lib
Sending email
1 . cd D:\Oracle\Middleware\Oracle_Home_Latest\wlserver\server\lib
2. keytool -import -alias smtp.gmail.com -keystore DemoTrust.jks -file smtp-gmail.txt
Default Password : DemoTrustKeyStorePassPhrase
Console Output
D:\Oracle\Middleware\Oracle_Home_Latest\wlserver\server\lib>keytool -import -ali
as smtp.gmail.com -keystore DemoTrust.jks -file smtp-gmail.txt
Enter keystore password:
Owner: CN=smtp.gmail.com, O=Google Inc, L=Mountain View, ST=California, C=US
Issuer: CN=Google Internet Authority G2, O=Google Inc, C=US
Serial number: 6cc76f36fd522fe5
Valid from: Thu Dec 15 19:17:55 IST 2016 until: Thu Mar 09 19:04:00 IST 2017
Certificate fingerprints:
MD5: 01:88:63:43:F1:52:A2:AA:48:87:6F:B5:CF:1D:49:53
SHA1: 78:B6:3A:18:6A:C0:D5:EE:EC:59:9A:05:2B:09:AD:A0:78:CD:CE:82
SHA256: 04:05:3D:6E:88:2F:CC:E2:63:DA:DA:A6:B5:4E:D0:A3:09:53:3A:44:63:
76:35:B2:59:E8:C4:37:42:05:36:94
Signature algorithm name: SHA256withRSA
Version: 3
Extensions:
#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: BC 2A 38 C5 67 78 BE B0 E4 96 0F 15 6B 55 DC 31 .*8.gx……kU.1
0010: 63 3D 99 F5 c=..
]
]
#2: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 4A DD 06 16 1B BC F6 68 B5 76 F5 81 B6 BB 62 1A J……h.v….b.
0010: BA 5A 81 2F .Z./
]
]
#3: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://pki.google.com/GIAG2.crl%5D
]]
#4: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
DNSName: smtp.gmail.com
]
#5: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [1.3.6.1.4.1.11129.2.5.1]
[] ]
[CertificatePolicyId: [2.23.140.1.2.2]
[] ]
]
#6: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
clientAuth
]
#7: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
]
#8: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: caIssuers
accessLocation: URIName: http://pki.google.com/GIAG2.crt
,
accessMethod: ocsp
accessLocation: URIName: http://clients1.google.com/ocsp
]
]
Trust this certificate? [no]: yes
Certificate was added to keystore
Receiving Email
Run below command at cmd / console
openssl s_client -connect imap.gmail.com:993 > gmail-imap-cert.pem
save console output as certificate (gmail-imap-cert.pem)
—–BEGIN CERTIFICATE—–
MIIEgDCCA2igAwIBAgIINkQ6uScys0wwDQYJKoZIhvcNAQELBQAwSTELMAkGA1UE
BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl
cm5ldCBBdXRob3JpdHkgRzIwHhcNMTYxMjE1MTQxMDE2WhcNMTcwMzA5MTMzNTAw
WjBoMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEXMBUGA1UEAwwOaW1h
cC5nbWFpbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkhzW1
JhnPIEjowuZ2JiVvVIIR/CWHhTS4iAhp4DAxwxHzULqhwLvcuHrnpUZRsWcFF9Z+
hqAlmnD+xAc52SYGaRUaRyCZsR/IZTf08pelbmrjmJ1ju7DrmyUyf7FYhi3U7lEN
sdmBa9PnZvGRR5mBS3Qz+dCHBM4A37TSLoEGAk+Jfqgg1WlXs7GIlCUFThQEMcSr
USXST6ISaX8zrajPRGScmTPKVBKndfqNfWOXrw13uBjNYxHvvrNE2XpFVYQXYRFD
CZ0sfzHhMW47whoHryTVPf0IEetKXag9049qr/kW+WabCbsHEKwS0mLwi4abjopA
N4CS8TmOaOUzcl11AgMBAAGjggFLMIIBRzAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwGQYDVR0RBBIwEIIOaW1hcC5nbWFpbC5jb20waAYIKwYBBQUHAQEE
XDBaMCsGCCsGAQUFBzAChh9odHRwOi8vcGtpLmdvb2dsZS5jb20vR0lBRzIuY3J0
MCsGCCsGAQUFBzABhh9odHRwOi8vY2xpZW50czEuZ29vZ2xlLmNvbS9vY3NwMB0G
A1UdDgQWBBQ1W8NNghBCdDCr9l/e2Qty+6tyVzAMBgNVHRMBAf8EAjAAMB8GA1Ud
IwQYMBaAFErdBhYbvPZotXb1gba7Yhq6WoEvMCEGA1UdIAQaMBgwDAYKKwYBBAHW
eQIFATAIBgZngQwBAgIwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n
bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQsFAAOCAQEANYmURCxONVOI6vbx
VNfXw9rISEIxfFnuhgDAJ0m97tNEBn9oP9VgjSND6T3qz9uvwBLTqH11zhBXOqtr
WQAKx6CdWRryxKhUorfaRG2SFk/WXsCeVsWJGB12TzXBw+miAnNPDaIsdYZ7/5w4
StQFNYBkwbfN9FKSSx+7s0/V1RxeA8LUsO42KIyar3DjsINmxx1s/299/0CU27+2
Uad1qaE8l5VuyCpa0afKwQvKRpzw/GZyJ6+0y+eKLdEV2azWp1+3kNLVSY+E30/M
JkBJKl/3hyuRUXBaRlwdz351G27gIy2fDYltd5v/7DXIpjCRe53NtX7DjKtnBnzQ
8Ajslw==
—–END CERTIFICATE—–
Run command for certificate Import (Weblogic / server / lib)
keytool -import -alias imap.gmail.com -keystore DemoTrust.jks -file gmail-imap-cert.pem
keytool -import -alias imap.gmail.com -keystore DemoTrust.jks -file gmail-imap-cert.pem
Enter keystore password:
Re-enter new password:
Owner: CN=imap.gmail.com, O=Google Inc, L=Mountain View, ST=California, C=US
Issuer: CN=Google Internet Authority G2, O=Google Inc, C=US
Serial number: 36443ab92732b34c
Valid from: Thu Dec 15 19:40:16 IST 2016 until: Thu Mar 09 19:05:00 IST 2017
Certificate fingerprints:
MD5: 97:D0:32:78:2B:BA:AB:3A:EC:03:99:28:F2:1E:82:CC
SHA1: 88:AF:2C:A8:D7:77:6D:9A:E3:C0:5B:2B:28:80:AE:8C:D6:74:59:86
SHA256: 66:B1:F1:E1:96:7A:74:07:64:2B:8F:4D:FC:13:B7:6D:A6:73:E4:AE:D6:
CB:94:B3:2F:4B:50:E3:09:1F:71:DA
Signature algorithm name: SHA256withRSA
Version: 3
Extensions:
#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 35 5B C3 4D 82 10 42 74 30 AB F6 5F DE D9 0B 72 5[.M..Bt0.._…r
0010: FB AB 72 57 ..rW
]
]
#2: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 4A DD 06 16 1B BC F6 68 B5 76 F5 81 B6 BB 62 1A J……h.v….b.
0010: BA 5A 81 2F .Z./
]
]
#3: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://pki.google.com/GIAG2.crl%5D
]]
#4: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
DNSName: imap.gmail.com
]
#5: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [1.3.6.1.4.1.11129.2.5.1]
[] ]
[CertificatePolicyId: [2.23.140.1.2.2]
[] ]
]
#6: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
clientAuth
]
#7: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
]
#8: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: caIssuers
accessLocation: URIName: http://pki.google.com/GIAG2.crt
,
accessMethod: ocsp
accessLocation: URIName: http://clients1.google.com/ocsp
]
]
Trust this certificate? [no]: yes
Certificate was added to keystore