sslsitecoressl-certificatesitecore6sitecore-ecm

Sitecore ECM: Could not establish trust relationship for the SSL/TLS secure channel


I am getting the following error whenever I try to do a Test Connection in Email Campaign Manager.

The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.

The following is the error which is recorded in the log

ManagedPoolThread #11 11:41:08 INFO Job started: VerifyMTA
ManagedPoolThread #11 11:41:08 WARN EmailCampaign: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
Exception: System.Net.WebException
Message: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
Source: System.Web.Services
at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request)
at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebResponse(WebRequest request)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at Sitecore.Modules.EmailCampaign.AppsService.AppsService.GetServerApplicationsByApplicationId(Credentials credentials, Guid applicationId)
at Sitecore.Modules.EmailCampaign.Core.Services.AppsServiceClient.IsApplicationPurchased(Guid applicationId)
at Sitecore.Modules.EmailCampaign.Core.MessageTransfer.EmailDeliveryClient.IsPurchased()
at Sitecore.Modules.EmailCampaign.Core.MessageTransfer.EmailDeliveryClient.GetSmtpConfiguration()
at Sitecore.Modules.EmailCampaign.SendingManager.GetSmtpSettings()
at Sitecore.Modules.EmailCampaign.Core.MessageTransfer.MtaChecker.GetSmtpSettings(StringBuilder report, String& error)
at Sitecore.Modules.EmailCampaign.Core.MessageTransfer.RemoteMtaChecker.GetSmtpSettings(StringBuilder report, String& error)

Nested Exception

Exception: System.Security.Authentication.AuthenticationException
Message: The remote certificate is invalid according to the validation procedure.
Source: System
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.TlsStream.CallProcessAuthentication(Object state)
at System.Threading.ExecutionContext.runTryCode(Object userData)
at System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode code, CleanupCode backoutCode, Object userData)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean ignoreSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.ConnectStream.WriteHeaders(Boolean async)


ManagedPoolThread #11 11:41:08 INFO Job ended: VerifyMTA (units processed: )

I am also getting an error in the Connection test option in the Email Delivery tab of Sitecore App Center.

The port numbers 25 and 443 are open in the server to contact the Sitecore app center and the mail server(Default Sitecore Mail Server). I can do

telnet apps.sitecore.net 443

and it works fine.

I have tried logging out and logging back in; in the Sitecore appcenter as suggested in the some other thread in stackoverflow. But still I am getting this error.

Can anyone suggest a fix to this. Thanks in advance.


Solution

  • We contacted Sitecore and we got the following response to troubleshoot the issue

    Temporary Fix
    As a temporary fix, you can add a call back delegate that always returns true whenever Sitecore tries to verify the remote server certificate. You can do this by adding a function in Global.asax file provided by Sitecore in website folder as explained here . If this solves the issue then it confirms that it is Server certificate issue. This might cause some security issue so dont use it as a permanent solution.