在JIRA中设置SMTP/腾讯企业邮箱
邮箱设置
SMTP 邮件服务器通过界面设置smtp.exmail.qq.com
失败,怀疑是ssl协议未指定充分(腾讯企业邮箱使用了ssl)的原因。
Unfortunately no connection was possible.Review the errors below and rectify:
SocketTimeoutException: Read timed out
定位失败原因:未对服务器下发smtp的公钥证书的原因,有两种方式来解决:
1.通过JNDI配置ssl邮箱连接;
2.单独下发证书,下发证书见第2小节内容第4~7点,然后在界面上设置,设置示例见第3小节。如未成功,试一下第2小节内容第2点(此句属笔者猜测,酌情考虑);
通过JNDI配置ssl邮箱连接
1.关闭jira的tomcat server
2.剪切文件activation-1.1.1.jar 、mail-1.4.5.jar:从/.../atlassian-jira-6.3.6-standalone/atlassian-jira/WEB-INF/lib/
到/..../atlassian-jira-6.3.6-standalone/lib
必须剪切的原因见参考文档1的Move the JavaMail Classes一节,概况就是,必须保障是tomcat服务器建立了SMTP链接,而非JIRA建立的。
3.在tomcat server的conf/sever.xml中设置邮箱各项参数
<Context path="" docBase="${catalina.home}/atlassian-jira" reloadable="false" useHttpOnly="true">
<!--
====================================================================================
@XXXX 2017/8/18 for mail via ssl.
====================================================================================
-->
<Resource name="mail/GmailSmtpServer"
auth="Container"
type="javax.mail.Session"
mail.smtp.host="smtp.gmail.com"
mail.smtp.port="465"
mail.smtp.auth="true"
mail.smtp.user="myusername@gmail.com"
password="mypassword"
mail.smtp.starttls.enable="true"
mail.debug="true"<!--optional for more debug detail-->
mail.smtp.socketFactory.class="javax.net.ssl.SSLSocketFactory"
/>
4.安装openssl
5.获取公钥openssl s_client -connect smtp.exmail.qq.com:465
,将以下内容保存至smtp.pem
文件中并放入jira系统中,密钥需包含begin/end两行。
Server certificate
-----BEGIN CERTIFICATE-----
MII......
-----END CERTIFICATE-----
6.将证书导入jira的钥匙库,输入命令(通过安装包形式安装JIRA的直接输keytool命令即可)
keytool -import -alias Jira@120v.cn -keystore $JAVA_HOME/jre/lib/security/cacerts -file smtp.pem
[root@test1 atlassian-jira-6.3.6-standalone]# keytool -import -alias XXX@XXXX -keystore $JAVA_HOME/jre/lib/security/cacerts -file smtp.pem
输入密钥库口令:
所有者: CN=pop.qq.com, OU=R&D, O=Shenzhen Tencent Computer Systems Company Limited, L=Shenzhen, ST=Guangdong, C=CN
发布者: CN=GeoTrust SSL CA - G3, O=GeoTrust Inc., C=US
序列号: 4adc5585410f94a089366b2869155056
有效期开始日期: Wed Sep 07 08:00:00 CST 2016, 截止日期: Sat Dec 08 07:59:59 CST 2018
证书指纹:
MD5: DE:DF:05:9C:22:71:F0:91:83:D0:0B:A8:01:04:06:82
SHA1: 45:62:5E:9F:41:60:97:3F:18:E9:FA:53:FE:A5:DA:03:0C:58:55:4C
SHA256: 13:D5:B8:D6:CA:BF:0E:C7:04:63:08:08:94:2A:A1:3E:24:4B:65:6E:31:99:E5:05:FB:C6:0C:B5:E3:6E:8D:B6
签名算法名称: SHA256withRSA
版本: 3
9: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
DNSName: upload.mail.qq.com
DNSName: hwsmtp.exmail.qq.com
DNSName: hwimap.exmail.qq.com
DNSName: cloudmx.qq.com
DNSName: imap.exmail.qq.com
DNSName: hwpop.exmail.qq.com
DNSName: smtp.qq.com
DNSName: mx3.qq.com
DNSName: rtx.exmail.qq.com
DNSName: dav.qq.com
DNSName: mx1.qq.com
DNSName: mxbiz1.qq.com
DNSName: ex.qq.com
DNSName: imap.qq.com
DNSName: pop.exmail.qq.com
DNSName: mxbiz2.qq.com
DNSName: mx2.qq.com
DNSName: smtp.exmail.qq.com
DNSName: pop.qq.com
]
是否信任此证书? [否]: Y
证书已添加到密钥库中
7.重启jira
8.在jira界面上设置SMTP服务器,选择JNDI,输入: java:comp/env/mail/JiraMailServer
9.发送测试邮件成功
下发证书后SMTP服务器设置
这样也能设置成功
接收邮件服务器设置
获取公钥,装公钥,测试:
参考文档
1.Connecting to SSL services
2.Configuring JIRA to Send SMTP Mail
3.道客巴巴——配置使用SSL加密的JIRA邮件服务器