Mail fetching failed - PKIX path building failed.

Mail fetching failed - PKIX path building failed.

Cause:


If the SSL Certificate in mail server is a self signed certificate then it is not imported in the ServiceDeskPlus-MSP java environment while using the POPS/IMAPS protocol.

Error Trace in logs:

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target|

Solution:

Kindly note that the below process requires a service restart, hence plan it accordingly.

1. Download the file for windows from the attached.

2. Extract the folder that you downloaded from the link.

a. Place the gencert.bat file under  C:\ManageEngine\Service DeskPlus-MSP.

b. 
Place the cert.jar file under  C:\ManageEngine\Service DeskPlus-MSP\lib.

3. Run the Extracted batch file from the command prompt using the syntax given below.

syntax:- gencert.bat (hostname):(port)

Hostname and port number can be found from Admin->Mail Server Settings (Incoming or outgoing, whichever you have issue with).

eg:-
C:\ManageEngine\Service DeskPlus-MSP> gencert.bat outlook.office365.com:995

4. You will receive an exception PKIX, provide value 1. On supplying the value 1, a file called jssecacerts is generated in the C:\ManageEngine\Service DeskPlus-MSP Directory.

5. Copy the jssecacerts file under C:\ManageEngine\Service DeskPlus-MSP\ jre\lib\security folder. If you have a existing file, please take a copy before replacing. 

6. Restart the ServiceDeskPlus-MSP application.

7. Fill in the values under Mail Server Settings. Start fetching mails to check the functionality.


Note: 

1. If you have issues with both mail fetching and sending, it is enough, if you apply these steps for either of the incoming or outgoing hostname/port.

2. Linux users, please use the appropriate file (Lincertgeneraton.zip) attached.
      • Related Articles

      • Zoho Reports sync failure_PKIX path building failed

        While syncing Zoho Reports, this error may appear where the self-signed certificate to sync both Zoho Reports and SDP MSP will be missing. These traces (mentioned below) can be viewed in the file zrmeinteglog0.txt under the location  ...
      • Mail sending failed_Unable to relay

        Error trace in logs: javax.mail.SendFailedException: Invalid Addresses;nested exception is: com.sun.mail.smtp.SMTPAddressFailedException: 550 5.7.1 Unable to relay Possible Cause: The SMTP server does not allow relaying unless you are sending email ...
      • Mail fetching - deleted flag issue

        This message will be thrown, when you have provided a shared mailbox. The concept here is, SDP MSP reads the mail from the configured mailbox and adds it as a request. During the time, if some other application fetches the mail from the same mailbox ...
      • Sending notification failed

        In some scenarios the outgoing emails will error with Sending notification failed message in UI and in the logs you can see, 550 5.2.125 The sender has exceeded the maximum number of messages they are allowed to send via client submission either per ...
      • Mail fetching_ Command is not valid in this state

        Cause: Unable to fetch email when encrypted mode is enabled on POP in the mail server. Error trace in logs: javax.mail.AuthenticationFailedException: Command is not valid in this state. Solution: Reset the password format on the exchange server to ...