Cause:
If the SSL Certificate in mail server is a self signed certificate then it is not imported in the ServiceDeskPlus-MSP java environment while using the POPS/IMAPS protocol.
Error Trace in logs:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target|
Solution:
Kindly note that the below process requires a service restart, hence plan it accordingly.
1. Download the file for windows from the attached.
2. Extract the folder that you downloaded from the link.
a. Place the gencert.bat file under C:\ManageEngine\Service DeskPlus-MSP.
b. Place the cert.jar file under C:\ManageEngine\Service DeskPlus-MSP\lib.
3. Run the Extracted batch file from the command prompt using the syntax given below.
syntax:- gencert.bat (hostname):(port)
Hostname and port number can be found from Admin->Mail Server Settings (Incoming or outgoing, whichever you have issue with).
eg:-
C:\ManageEngine\Service DeskPlus-MSP> gencert.bat outlook.office365.com:995
4. You will receive an exception PKIX, provide value 1. On supplying the value 1, a file called jssecacerts is generated in the C:\ManageEngine\Service DeskPlus-MSP Directory.
5. Copy the jssecacerts file under C:\ManageEngine\Service DeskPlus-MSP\ jre\lib\security folder. If you have a existing file, please take a copy before replacing.
6. Restart the ServiceDeskPlus-MSP application.
7. Fill in the values under Mail Server Settings. Start fetching mails to check the functionality.
Note:
1. If you have issues with both mail fetching and sending, it is enough, if you apply these steps for either of the incoming or outgoing hostname/port.
2. Linux users, please use the appropriate file (Lincertgeneraton.zip) attached.