Can't EMail Reports from Jasper Server on AWS

2

We have an AWS JasperServer instance, but cannot get report emailing to work successfully.  We've searched this forum and StackOverflow and tried many different combinations of options.  The gmail account is used by our other servers to send outgoing mail, so we know the account setup is correctly.  (The submission form spam filter is rejecting my post so I'm going to start trimming content.  If something seems to be missing that is important, let me know).

Any pointers would be appreciated.

CONFIGURATION

/usr/share/tomcat7/webapps/jasperserver-pro/WEB-INF/js.quartz.properties
report.scheduler.web.deployment.uri=http://localhost/jasperserver-pro
 
report.scheduler.mail.sender.host=smtp.gmail.com
report.scheduler.mail.sender.username=username@gmail.com
report.scheduler.mail.sender.password=mypassword
report.scheduler.mail.sender.from=username@gmail.com
report.scheduler.mail.sender.protocol=smtp
report.scheduler.mail.sender.port=587
 
/usr/share/tomcat7/webapps/jasperserver-pro/WEB-INF/applicationContext-report-scheduling.xml 
        <property name="host" value="${report.scheduler.mail.sender.host}"/>
        <property name="username" value="${report.scheduler.mail.sender.username}"/>
        <property name="password" value="${report.scheduler.mail.sender.password}"/>
        <property name="protocol" value="${report.scheduler.mail.sender.protocol}"/>
        <property name="port" value="${report.scheduler.mail.sender.port}"/>
        <property name="javaMailProperties">
            <props>
                <prop key="mail.smtp.auth">true</prop>
                <prop key="mail.smtp.starttls.enable">true</prop>
                <prop key="mail.smtp.starttls.required">true</prop>  <!-- Tried with and without this line -->
            </props>
        </property>
 
Port 587:
2014-08-12 17:46:47,862 ERROR ReportExecutionJob,quartzScheduler_Worker-1:311 - The job error notification was not completed. An error occurred while sending it.
org.springframework.mail.MailSendException: Mail server connection failed; nested exception is javax.mail.MessagingException: Can't send command to SMTP host;
  nested exception is:
        javax.net.ssl.SSLException: Server key. Failed messages: javax.mail.MessagingException: Can't send command to SMTP host;
  nested exception is:
        javax.net.ssl.SSLException: Server key; message exception details (1) are:
Failed message 1:
javax.mail.MessagingException: Can't send command to SMTP host;
  nested exception is:
        javax.net.ssl.SSLException: Server key
        at com.sun.mail.smtp.SMTPTransport.sendCommand(SMTPTransport.java:1420)
<snip>
Caused by: javax.net.ssl.SSLException: Server key
        at sun.security.ssl.Handshaker.throwSSLException(Handshaker.java:1202)
<snip>
        at com.sun.mail.smtp.SMTPTransport.sendCommand(SMTPTransport.java:1418)
        ... 14 more
Caused by: java.security.spec.InvalidKeySpecException: key spec not recognised
        at org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi.engineGeneratePublic(Unknown Source)
        at org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi.engineGeneratePublic(Unknown Source)
        at java.security.KeyFactory.generatePublic(KeyFactory.java:334)
        at sun.security.ssl.HandshakeMessage$ECDH_ServerKeyExchange.<init>(HandshakeMessage.java:1057)
        at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:218)
        ... 24 more
 
 
 
-------------------------
Port 465:
2014-08-12 17:54:44,413 ERROR ReportExecutionJob,quartzScheduler_Worker-1:311 - The job error notification was not completed. An error occurred while sending it.
org.springframework.mail.MailSendException: Mail server connection failed; nested exception is javax.mail.MessagingException: Exception reading response;
  nested exception is:
        javax.net.ssl.SSLException: Server key. Failed messages: javax.mail.MessagingException: Exception reading response;
  nested exception is:
        javax.net.ssl.SSLException: Server key; message exception details (1) are:
Failed message 1:
javax.mail.MessagingException: Exception reading response;
  nested exception is:
        javax.net.ssl.SSLException: Server key
 

 

 

tmccarty's picture
Joined: Jul 23 2014 - 11:52am
Last seen: 4 years 3 weeks ago
mcota_1 - 4 years 11 months ago

Thanks for the ideas - We've tried both SMTPS (465) and port 25, and still receive the same error message as before. Anything else to try?

tmccarty - 4 years 11 months ago

I'm wondering why you're getting an SSLException on Port 25. 

djohnson53 - 4 years 10 months ago
show 1 more...

I'm wondering why you're getting an SSLException on Port 25. 

Although using STARTTLS on port 587 is preferred, you can do it on port 25, and many mail servers do.

sbyrne - 4 years 3 months ago

5 Answers:

0

OUR FINAL FIX:  

  1. Installed PostFix as an SMTP relay on the Jasper box
  2. Configured Jasper instance in path /usr/share/tomcat7/webapps/jasperserver-pro/WEB-INF per the other links/articles here, using localhost as the mail host, protocol smtp, port 25
  3. Edited js.quartz.properties: to set the correct URL for the hyperlinks sent in reporting e-mails:
     
     
    OLD: report.scheduler.web.deployment.uri=http://jasper.clipinteractive.com013:8080/jasperserver-pro NEW: report.scheduler.web.deployment.uri=http://jasper.clipinteractive.com/jasperserver-pro

    I'm also documenting information we received from JasperSoft here for the sake of others who may be working on this issue. Note that none of this resolved the issue for us. We have multiple other AWS-hosted servers successfully emailing, some via our own exchange servers and some via Gmail. This turnkey Jasper server is the only one that could not successfully send email out, so I disagree with the statement below that the issue is not related to Jaspersoft but rather to the AWS environment. I think it is something unique about the way the Jasper servers are set up in AWS. With that caveat, here are the recommended points from Jaspersoft:

    As the the problem with your JRS not communicating with your Email Server - please make sure they are on the same VCP and security group within AWS - this issues is not related to the Jaspersoft Server but the AWS environment. If your email server is in your own domain - you could purchase a VPN from amazon - or you could just spin up a email server on AWS in the same VCP and security group and use it just for communications from Jaspersoft

    Scheduling via Gmail should work. Connections have to be checked at both JRS instance and network levels and ensured that no traffic is being blocked to access Gmail (and corresponding default ports used by Gmail)

    Make sure that connections can be made at both

    • JRS Instance level (Security Group / Route Table): eg, from traffic outside of VPC ("0.0.0.0"), send to the gateway

    • Network level (Network ACL)

    tmccarty's picture
    Joined: Jul 23 2014 - 11:52am
    Last seen: 4 years 3 weeks ago
    0

    You can refer to our blog for more details regarding email scheduling of the reports

     

    http://helicaltech.com/jaspersoft-report-scheduler/

     

    Nikhilesh

    Helical IT Solutions

    Nikhilesh_1's picture
    Joined: Jul 12 2013 - 2:25am
    Last seen: 11 months 3 weeks ago

    Thanks for the ideas - We've tried both SMTPS (465) and port 25, and still receive the same error message as before. Any other ideas?

    tmccarty - 4 years 11 months ago
    0

    I receive exactly the same assertion! Everything was alright in JasperServer 5.5.1 AWS. I installed a new instance JasperServer 5.6.1 AWS through CloudFormation and used the same setting for mail server and received this exception.

    kashoory's picture
    274
    Joined: Apr 23 2014 - 5:19pm
    Last seen: 2 months 3 days ago

    Hi kashoory,

    We just moved to version 5.6.1 in AWS and are using Amazon SES to send our report emails. We ran into the same issue with SSLException error. I found the following information when trying to debug this: http://www.gubatron.com/blog/2013/08/07/solved-java7-smtp-issue-caused-b...

    It turns out that Jasper updated the AMI to use Java 7. After a few different attempts I found a solution that works. Here are my entries from js.quartz.properties and the applicable entries in applicationContext-report-scheduling.xml. Things could probably be cleaned up a little, but it works.

    ---------------------------
    report.scheduler.mail.sender.host=email-smtp.us-east-1.amazonaws.com
    report.scheduler.mail.sender.username=AWS_ACCESS_KEY (Use your value)
    report.scheduler.mail.sender.password=AWS_SECRET_ACCESS_KEY (Use your value)
    report.scheduler.mail.sender.from=amazonsesregisteredemailaddress (Use your value)
    report.scheduler.mail.sender.protocol=smtp
    report.scheduler.mail.sender.port=25
    report.scheduler.mail.ssl.ciphersuites=SSL_RSA_WITH_RC4_128_MD5 SSL_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA SSL_RSA_WITH_3DES_EDE_CBC_SHA SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA SSL_RSA_WITH_DES_CBC_SHA SSL_DHE_RSA_WITH_DES_CBC_SHA SSL_DHE_DSS_WITH_DES_CBC_SHA SSL_RSA_EXPORT_WITH_RC4_40_MD5 SSL_RSA_EXPORT_WITH_DES40_CBC_SHA SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA TLS_EMPTY_RENEGOTIATION_INFO_SCSV
    ---------------------------------------

    <bean id="reportSchedulerMailSender" class="org.springframework.mail.javamail.JavaMailSenderImpl">
    <property name="host" value="${report.scheduler.mail.sender.host}"/>
    <property name="username" value="${report.scheduler.mail.sender.username}"/>
    <property name="password" value="${report.scheduler.mail.sender.password}"/>
    <property name="protocol" value="${report.scheduler.mail.sender.protocol}"/>
    <property name="port" value="${report.scheduler.mail.sender.port}"/>
    <property name="javaMailProperties">
    <props>
    <prop key="mail.smtp.ssl.enable">true</prop>
    <prop key="mail.smtp.auth">true</prop>
    <prop key="mail.smtp.starttls.enable">true</prop>
    <prop key="mail.smtp.starttls.required">true</prop>
    <prop key="mail.smtp.ssl.ciphersuites">"${report.scheduler.mail.ssl.ciphersuites}"</prop>
    </props>
    </property>
    </bean>

    ghayes - 4 years 9 months ago

    Hi Ghayes,

    Thanks for the response. I had the SSLException problem with both Gmail and Amazon SES on ports 465 and 587 even with the magic string for report.scheduler.mail.ssl.ciphersuites !
    However, port 25 worked for me on both gmail and SES without the magic string because it is apparently not using SSL at all. I reckon the problem is with SSL only, I am not expert though.

    For port 25, I did NOT use the following settings:
    <prop key="mail.smtp.ssl.enable">true</prop>
    <prop key="mail.smtp.starttls.required">true</prop>
    <prop key="mail.smtp.ssl.ciphersuites">"${report.scheduler.mail.ssl.ciphersuites}"</prop>

    My settings on are:
    --------------------------------------------------
    <prop key="mail.smtp.auth">true</prop>
    <prop key="mail.smtp.starttls.required">true</prop>
    --------------------------------------------------
    report.scheduler.mail.sender.host= AMAZON=> email-smtp.us-west-2.amazonaws.com , GOOGLE=> aspmx.l.google.com
    report.scheduler.mail.sender.username=Amazon=> AWS_ACCESS_KEY , GOOGLE=> gmail account
    report.scheduler.mail.sender.password=Amazon=> AWS_SECRET_ACCESS_KEY , GOOGLE=> gmail password
    report.scheduler.mail.sender.from=Amazon=> amazon ses registered email address , GOOGLE= mail address
    report.scheduler.mail.sender.protocol=smtp
    report.scheduler.mail.sender.port=25

    Te problem I faced with gmail was "Mail can only be sent to Gmail or Google Apps users" according to https://support.google.com/a/answer/176600?hl=en. As a result, I preferred to use Amazon SES.

    Keivan

    kashoory - 4 years 9 months ago
    0

    Another solution is to use port 25 instead of 465 and 58. It worked on Amzon SES and gmail. Find the detail on my answer to previous post.

    kashoory's picture
    274
    Joined: Apr 23 2014 - 5:19pm
    Last seen: 2 months 3 days ago
    2

    I got the same InvalidKeySpecException doing something else. The workaround is to use Oracle's JRE 1.7.0 instead of OpenJDK.

    sbyrne's picture
    89
    Joined: Mar 18 2015 - 6:53am
    Last seen: 3 years 11 months ago
    Feedback
    randomness