Avaya Support Forums  

Go Back   Avaya Support Forums > Contact Center Applications

Thread Tools Search this Thread Display Modes
Old 01-19-2016, 07:13 AM
jacks196 jacks196 is offline
Join Date: Oct 2014
Location: Sheffield, England
Posts: 44
jacks196 has 12 reputation points
Unhappy AACC - CCMM SSL email

Some months ago we implemented SSL security on email between our CCMM server and MS Exchange which all worked fine (eventually). We have renewed the SSL certificate chain on Exchange and now need to update the certificates on CCMM, I have followed the original procedure but CCMM is unable to poll the mailboxes in Exchange.

Looking in the CCMM_EmailManager_1.log file I see the below error for each mailbox... I'm out of ideas and have wasted a full day without any success.... anybody any thoughts?

2016-01-19 14:48:32.924 +0000 EmailManager:HAL 10520:23 7121 Minor None An exception was caught trying to connect to host: [HOSTNAME.DOMAIN.CO.UK], Inbox: [NAME OF MAILBOX]
javax.mail.MessagingException: Connect failed;
nested exception is:
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
at com.sun.mail.pop3.POP3Store.protocolConnect(POP3St ore.java:148)
at javax.mail.Service.connect(Service.java:275)
at com.nortel.applications.ccmm.mail.hostaccess.servi ces.MailStore.performOpen(MailStore.java:413)
at com.nortel.applications.ccmm.mail.hostaccess.servi ces.MailStore.open(MailStore.java:297)
at com.nortel.applications.ccmm.mail.hostaccess.threa dpool.WorkerThread.executeRetrieve(WorkerThread.ja va:209)
at com.nortel.applications.ccmm.mail.hostaccess.threa dpool.WorkerThread.executeRequest(WorkerThread.jav a:167)
at com.nortel.applications.ccmm.mail.hostaccess.threa dpool.WorkerThread.run(WorkerThread.java:115)
Caused by: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
at com.sun.net.ssl.internal.ssl.InputRecord.handleUnk nownRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.InputRecord.read(Unkn own Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRec ord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.perform InitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDat aRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(U nknown Source)
at java.io.BufferedInputStream.fill(Unknown Source)
at java.io.BufferedInputStream.read(Unknown Source)
at java.io.DataInputStream.readLine(Unknown Source)
at com.sun.mail.pop3.Protocol.simpleCommand(Protocol. java:347)
at com.sun.mail.pop3.Protocol.<init>(Protocol.java:91 )
at com.sun.mail.pop3.POP3Store.getPort(POP3Store.java :201)
at com.sun.mail.pop3.POP3Store.protocolConnect(POP3St ore.java:144)
... 6 more
Reply With Quote
Old 01-20-2016, 12:00 AM
vikramsg vikramsg is offline
Join Date: Apr 2011
Posts: 30
vikramsg has 11 reputation points

This looks more like a Certificate issue.

may be you should manually remote the certificate reference from the Java certificate store on CCMM and try to re-install the Certificates.

You can use the keytool command. below is a sample of the command:

keytool -v -importcert -alias "Alias Name" -file Ngcert.cer -keystore "C:\Program Files\Java\jre6\lib\security\cacerts”

keytool -v -importcert -alias "Alias Name" -file Ngcert.cer -keystore "C:\Program Files (x86)\Java\jre6\lib\security\cacerts"

This should fix the issue.

Vikram SG.
Vikram SG
Reply With Quote
Old 01-20-2016, 04:19 AM
jacks196 jacks196 is offline
Join Date: Oct 2014
Location: Sheffield, England
Posts: 44
jacks196 has 12 reputation points

Thanks for the feedback Vikram...

I've done as suggested but unfortunately I'm still unable to connect to Exchange..

I've deleted the existing certificate from the Java cacerts keystore for both 32 & 64 bit Java installs, I've installed the new certificate in the chain individually in both 32 & 64-bit Java installs and verified they are installed correctly, I've changed the server configuration within AACC CCMM Administration to try both SSL and TLS protocols but still no joy.. I've been restarting the CCMM EmailManager service whenever making any changes...

I'm at a loss now, I've spent 2 days trying to sort this out & am no further forward!

Any further suggestions would be hugely appreciated.


Reply With Quote
Old 01-20-2016, 07:19 AM
jacks196 jacks196 is offline
Join Date: Oct 2014
Location: Sheffield, England
Posts: 44
jacks196 has 12 reputation points

.....I may have found the cause - we are using POP3 and apparently MS Exchange POP3 only supports TLS 1.0 - the new certificate we are using is SHA256, we do not believe a SHA256 certificate is compatible with TLS 1.0, the previous certificate was SHA1. We are going to generate a new SHA1 certificate which will hopefully resolve the issue.
Reply With Quote
Old 01-21-2016, 03:13 AM
wellington35 wellington35 is offline
Join Date: Jul 2012
Location: Orlando, FL
Posts: 42
wellington35 has 10 reputation points

Thanks for sharing your solution!
Wellington Paez
Senior Convergence Specialist @ Carousel Industries
Reply With Quote

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT -7. The time now is 05:29 PM.

This Forum is provided solely for the use and convenience of Avaya customers and partners. Use of the Forum is subject to the Terms and Use and Privacy Statement found at www.avaya.com. No other use is permitted. The Forum including all content posted is “AS IS” and Avaya expressly disclaims all warranties and/or guarantees as to its accuracy, reliability, usefulness, quality or non-infringement of intellectual property. Avaya reserves the right to remove any content posted on the Forum at any time and for whatever reason.

Avaya will not be liable for any content posted on this Forum, including, without limitation, any errors or omissions or for any losses or damages of any kind incurred as a result of use or reliance on any content, regardless of its origin.

You expressly understand and agree that you assume all risks associated with use or reliance on this content.