Email Alert - Could not connect to SMTP host

I’m trying to send an email on an alert but nothing is sent. When I’m checking the logs the only things it returns is :

[2021-02-10T13:36:31,768][DEBUG][c.a.o.a.r.RestExecuteMonitorAction] [tbelin-VirtualBox] POST /_opendistro/_alerting/monitors/_execute
[2021-02-10T13:36:31,769][DEBUG][c.a.o.a.t.TransportGetMonitorAction] [tbelin-VirtualBox] User and roles string from thread context: null
[2021-02-10T13:36:31,770][DEBUG][c.a.o.a.MonitorRunner ] [tbelin-VirtualBox] Running monitor: AnomalyAlert with roles: Thread: DefaultDispatcher-worker-3
[2021-02-10T13:36:32,581][INFO ][c.a.o.a.m.d.Destination ] [tbelin-VirtualBox] Message published for action name: Email, messageid: Could not connect to SMTP host: smtp. gmail. com, port: 465, statuscode: 1

My sender is set up like this:
chema_version: 3
name: “email_alert”
email: “myemailtest
host: “smtp. gmail. com”
port: 465
method: “ssl”

I have, as the guide told me, add those two to the keystore with as “” and with the password of that gmail account.

I have tried to connect that gmail account with openssl and everything was working as attended. I have also check on wireshark if I could see more info and after the server exchange his certificate, my host rises a packet with “Alert (Level: Fatal, Description: Certificate Unknown)”. On elasticsearch.yml, I have put “opendistro_security.disabled: true”.

Is there anything I have misunderstood on the configuration guide?

Hi @tbelin,

Is the spacing in your sender for email ("myemailtest") and host ("smtp. gmail. com") how it’s actually configured? If so, you’ll want to remove the spaces.

Not this is not. I have added spaces because there is a link limitation for new users.

I see. At a glance, it looks like a cert trust issue but I’m not entirely sure.

Out of curiosity, have you tried the same sender but with port: 587 and method: starttls and does that work? I’m wondering if the issue is with SSL specifically.

I was thinking the same but I couldn’t find a way to make sure any certificate will be accepted. Do you know how I can do this?

Also, yes I have tried with TLS but I got this message on the log:

[2021-02-11T08:04:16,389][INFO ][c.a.o.a.m.d.Destination ] [tbelin-VirtualBox] Message published for action name: Email, messageid: Could not convert socket to TLS, statuscode: 1