APAR status
Closed as program error.
Error description
Configuring a new smtp server as a mail server in the cloud manager with using a TLS profile, you may get the message: "Verification of the mail server configuration failed with the error: self signed certificate in certificate chain". In the apim log, you see something like: ---- 2020-09-03T18:11:05.747Z audit [a73e558e230e099282e67d0577832f12] POST /api/orgs/92f4f146-8fce-46b7-85cd-bcc95b65fd0e/mail-servers 2020-09-03T18:11:05.747Z audit [a73e558e230e099282e67d0577832f12] ================================================================ ======================================================== 2020-09-03T18:11:06.034Z apim:error [a73e558e230e099282e67d0577832f12] error verifying email configuration: {"stack":"Error: self signed certificate in certificate chain\n at TLSSocket.onConnectSecure (_tls_wrap.js:1506:34)\n at TLSSocket.emit (events.js:315:20)\n at TLSSocket._finishInit (_tls_wrap.js:948:8)\n at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:706:12)","message":"self signed certificate in certificate chain","code":"********"} 2020-09-03T18:11:06.048Z bhendi:error [a73e558e230e099282e67d0577832f12] Error in POST post:/api/orgs/:org/mail-servers (mail_server.js:create) - status : 400 - message: Verification of the mail server configuration failed with the error: self signed certificate in certificate chain - stack : Error: Verification of the mail server configuration failed with the error: self signed certificate in certificate chain at error (/app/node_modules/apic-util/src/util.js:828:11) at MailServer.createPreHook (/app/routes/mail_server.js:121:23) at runMicrotasks (<anonymous>) at processTicksAndRejections (internal/process/task_queues.js:97:5) - errors : undefined: {"status":400,"message":["Verification of the mail server configuration failed with the error: self signed certificate in certificate chain"]} 2020-09-03T18:11:06.049Z audit [a73e558e230e099282e67d0577832f12] Stack trace for response error: Error: Verification of the mail server configuration failed with the error: self signed certificate in certificate chain at error (/app/node_modules/bhendi/lib/bhendiUtil.js:52:11) at dispatch (/app/node_modules/bhendi/mw/dispatcher.js:499:21) at runMicrotasks (<anonymous>) at processTicksAndRejections (internal/process/task_queues.js:97:5) at async dispatcher (/app/node_modules/bhendi/mw/dispatcher.js:321:5) 2020-09-03T18:11:06.049Z audit [a73e558e230e099282e67d0577832f12] ================================================================ ======================================================== 2020-09-03T18:11:06.049Z audit [a73e558e230e099282e67d0577832f12] Failure 400 response (POST /api/orgs/92f4f146-8fce-46b7-85cd-bcc95b65fd0e/mail-servers) (took 301ms) 2020-09-03T18:11:06.049Z audit [a73e558e230e099282e67d0577832f12] ================================================================ ======================================================== [a73e558e230e099282e67d0577832f12] { "status": 400, "message": [ "Verification of the mail server configuration failed with the error: self signed certificate in certificate chain" ] } -----
Local fix
The workaround is to create another valid email server which does NOT use TLS (using port 25), then patch that email server to have the real email server's config, because during PATCH we do not perform test connection that leads to the error above.
Problem summary
Users may observe this message when using Cloud Manager to configure a new SMTP server using a TSL profile: "Verification of the mail server configuration failed with the error: self signed certificate in certificate chain". In the apim log, the following may be observed: ---- 2020-09-03T18:11:05.747Z audit [a73e558e230e099282e67d0577832f12] POST /api/orgs/92f4f146-8fce-46b7-85cd-bcc95b65fd0e/mail-servers 2020-09-03T18:11:05.747Z audit [a73e558e230e099282e67d0577832f12] ================================================================ ======================================================== 2020-09-03T18:11:06.034Z apim:error [a73e558e230e099282e67d0577832f12] error verifying email configuration: {"stack":"Error: self signed certificate in certificate chain\n at TLSSocket.onConnectSecure (_tls_wrap.js:1506:34)\n at TLSSocket.emit (events.js:315:20)\n at TLSSocket._finishInit (_tls_wrap.js:948:8)\n at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:706:12)","message":"self signed certificate in certificate chain","code":"********"} 2020-09-03T18:11:06.048Z bhendi:error [a73e558e230e099282e67d0577832f12] Error in POST post:/api/orgs/:org/mail-servers (mail_server.js:create) - status : 400 - message: Verification of the mail server configuration failed with the error: self signed certificate in certificate chain - stack : Error: Verification of the mail server configuration failed with the error: self signed certificate in certificate chain at error (/app/node_modules/apic-util/src/util.js:828:11) at MailServer.createPreHook (/app/routes/mail_server.js:121:23) at runMicrotasks (<anonymous>) at processTicksAndRejections (internal/process/task_queues.js:97:5) - errors : undefined: {"status":400,"message":["Verification of the mail server configuration failed with the error: self signed certificate in certificate chain"]} 2020-09-03T18:11:06.049Z audit [a73e558e230e099282e67d0577832f12] Stack trace for response error: Error: Verification of the mail server configuration failed with the error: self signed certificate in certificate chain at error (/app/node_modules/bhendi/lib/bhendiUtil.js:52:11) at dispatch (/app/node_modules/bhendi/mw/dispatcher.js:499:21) at runMicrotasks (<anonymous>) at processTicksAndRejections (internal/process/task_queues.js:97:5) at async dispatcher (/app/node_modules/bhendi/mw/dispatcher.js:321:5) 2020-09-03T18:11:06.049Z audit [a73e558e230e099282e67d0577832f12] ================================================================ ======================================================== 2020-09-03T18:11:06.049Z audit [a73e558e230e099282e67d0577832f12] Failure 400 response (POST /api/orgs/92f4f146-8fce-46b7-85cd-bcc95b65fd0e/mail-servers) (took 301ms) 2020-09-03T18:11:06.049Z audit [a73e558e230e099282e67d0577832f12] ================================================================ ======================================================== [a73e558e230e099282e67d0577832f12] { "status": 400, "message": [ "Verification of the mail server configuration failed with the error: self signed certificate in certificate chain" ] } -----
Problem conclusion
The issue is addressed in iFix2 for API Connect 2018.4.1.13.
Temporary fix
Comments
APAR Information
APAR number
LI81727
Reported component name
API CONNECT ENT
Reported component ID
5725Z2201
Reported release
18X
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2020-09-22
Closed date
2020-09-24
Last modified date
2020-09-24
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
API CONNECT ENT
Fixed component ID
5725Z2201
Applicable component levels
[{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSMNED","label":"IBM API Connect"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"18X"}]
Document Information
Modified date:
26 September 2020