Apply certificate for EWS mail configuration in SDP.

Apply certificate for EWS mail configuration in SDP.

      EWS protocol support is introduced in 10006 version of SDP ( Limited to windows servers ). User can configure EWS for both incoming and outgoing settings in SDP.

Note: If the mail server is O365 , then you need not perform these steps as the certificate info is already available in the built-in keystore.

To apply the certificate for EWS protocol in SDP, please follow the below steps

1. Open your EWS url in a new tab in Firefox browser.

2. You will be prompted for username and password.
































3. Please enter the appropriate credentials. After entering the appropriate credentials, you will be redirected to a page similar to this image.


4. Export the Certificate.

To export the certificate, follow the below steps

      Click on the lock symbol in the URL >> Click on the pad lock symbol >> Click on connection >> More Information >> Security >> View Certificate >>  Miscellaneous >> Download >> PEM (chain) (X.509 Certificate with Chain ( PEM )) format >> Save





Click on View Certificate






5. Go to <server_home>\jre\bin folder in the command prompt / terminal app. Execute the below command 


keytool -import -alias outlook.com -keystore ../lib/security/cacerts -file ../yourCertificate.crt

( If you have jssecacerts file in the security folder, then give jssecacerts instead of cacerts as the keystore.  )

6. Provide password as "changeit" when prompted.

7. If the certificate is valid, it will prompt "do you trust this certificate?". Type 'yes' and press enter.

8. Certificate will be added to the keystore.

9. Restart the application service once and check whether you could able to connect to EWS.

                    New to ADSelfService Plus?

                      • Related Articles

                      • Fix: Error while sending mail using EWS

                        Issue trace: [11:58:49:091]|[11-29-2022]|[SYSERR]|[INFO]|[122]: microsoft.exchange.webservices.data.core.exception.service.remote.ServiceResponseException: The operation can't be performed because the item is out of date. Reload the item and try ...
                      • Troubleshooting Oauth configuration for mail server settings

                        Oauth in ServiceDesk Plus / AssetExplorer for Mail SDP supports Oauth configuration for Office365 and GSuite mailboxes since 11106 build. Office365 mailboxes can be configured with Oauth authentication using EWS (since 11106) and IMAP / SMTP (since ...
                      • Apply certificate of your Exchange Server in SDP for mail fetching / mail sending

                        Steps to apply certificate of your Exchange Server in SDP 1. Download the file from the link given below and extract it to the Service Desk Plus Home directory Linux - ...
                      • Problem in extracting emails via EWS from 11134

                        Emails getting fetched via EWS are getting failed to process and stops the Mail Fetching when that mail's object doesn't have InternetMessageHeaders. Note: This issue will not occur for all emails extracted via EWS except for the emails which don't ...
                      • Fix jar for EWS connectivity issue

                        Issue: In EWS for incoming, we are facing intermittent connectivity issues like 'unexpected end of ZLIB input stream', '(503) service unavailable', 'this connection to store is dead' etc. Resolution: Apply the attached fjar (Download the build ...