Email Alert - Could not connect to SMTP host

Hello,
I’m trying to send an email on an alert but nothing is sent. When I’m checking the logs the only things it returns is :

Blockquote
[2021-02-10T13:36:31,768][DEBUG][c.a.o.a.r.RestExecuteMonitorAction] [tbelin-VirtualBox] POST /_opendistro/_alerting/monitors/_execute
[2021-02-10T13:36:31,769][DEBUG][c.a.o.a.t.TransportGetMonitorAction] [tbelin-VirtualBox] User and roles string from thread context: null
[2021-02-10T13:36:31,770][DEBUG][c.a.o.a.MonitorRunner ] [tbelin-VirtualBox] Running monitor: AnomalyAlert with roles: Thread: DefaultDispatcher-worker-3
[2021-02-10T13:36:32,581][INFO ][c.a.o.a.m.d.Destination ] [tbelin-VirtualBox] Message published for action name: Email, messageid: Could not connect to SMTP host: smtp. gmail. com, port: 465, statuscode: 1

My sender is set up like this:
email_account:{
chema_version: 3
name: “email_alert”
email: “myemailtest @gmail.com
host: “smtp. gmail. com”
port: 465
method: “ssl”
}

I have, as the guide told me, add those two to the keystore with opendistro.alerting.destination.email.email_alert.username as “myemailtest@gmail.com” and
opendistro.alerting.destination.email.email_alert.password with the password of that gmail account.

I have tried to connect that gmail account with openssl and everything was working as attended. I have also check on wireshark if I could see more info and after the smtp.gmail.com server exchange his certificate, my host rises a packet with “Alert (Level: Fatal, Description: Certificate Unknown)”. On elasticsearch.yml, I have put “opendistro_security.disabled: true”.

Is there anything I have misunderstood on the configuration guide?
Sincerly.

Hi @tbelin,

Is the spacing in your sender for email ("myemailtest @gmail.com") and host ("smtp. gmail. com") how it’s actually configured? If so, you’ll want to remove the spaces.

Hello,
Not this is not. I have added spaces because there is a link limitation for new users.

I see. At a glance, it looks like a cert trust issue but I’m not entirely sure.

Out of curiosity, have you tried the same sender but with port: 587 and method: starttls and does that work? I’m wondering if the issue is with SSL specifically.

I was thinking the same but I couldn’t find a way to make sure any certificate will be accepted. Do you know how I can do this?

Also, yes I have tried with TLS but I got this message on the log:

[2021-02-11T08:04:16,389][INFO ][c.a.o.a.m.d.Destination ] [tbelin-VirtualBox] Message published for action name: Email, messageid: Could not convert socket to TLS, statuscode: 1