Chapter - 11 : Email Configuration for Notification
This chapter includes following topics:
- Acquiring mail server SSL certificate
- Importing the mail server SSL certificate into keystore
- Synchronizing certificates from central store to local file instanceSynchronizing certificates from central store to local file instance
- Configuring Workflow Notification Properties
- Configuring Email Driver Properties
- Troubleshooting
Please see the SOA Suite User Guide for email configuration details. This chapter represents an example set up.
Email messages are sent via the Oracle User Messaging Service (UMS) in WebLogic.
The requirements to enable email notifications with User Messaging Service are:
- Acquire and import the mail server SSL certificate into keystore
- Configure Workflow Notification Properties
- Configure Email Driver Properties
If desired, an introduction to UMS is located here:
https://docs.oracle.com/middleware/1212/ums/UMSAG/introduction.htm#UMSAG97582
Acquiring Mail Server SSL Certificate Example
Most mail servers will use SSL security and you must import a certificate from the mail server so that UMS can establish a trust relationship. Use any import method that meets your company requirements. In this example, OpenSSL is used.
From a command window, OpenSSL can be invoked to extract certificate information. The sample here is interacting with Oracle Beehive with the results being redirected to the file example.cert:
openssl s_client -connect example.oracle.com:465 > example.cert
Note that, OpenSSL can take time to finish. You can end it after a few seconds with CTRL+C. The required certificate information is at the beginning.
Next, open the example.cert file with a text editor to copy the portion identified by the “BEGIN CERTIFICATE” and “END CERTIFICATE” records.
Importing the Mail Server SSL Certificate into keystore
To import the SSL certificate, open the Enterprise Manager Fusion Middle Control and navigate to the Security / Keystore menu item on the WebLogic Domain. Next select the system/trust store and click Manage.
On the Manage Certificates pane, click Import and then provide an alias such as “example” and paste the certificate information. Click Ok.
For many mail servers importing the one certificate will complete the task, but for example, Oracle Beehive utilizes a certificate chain, so it is also necessary to acquire and import certificates for Symantec® and Verisign®.
Synchronizing Certificates from Central Store to Local File Instance
Oracle User Messaging Service depends on certificates that are available from the local file instance of the keystore, so you must synchronize the certificates with the syncKeyStores command on the System MBean as previously described in “Synchronizing KSS keystores”. This step requires restarting the WebLogic servers.
Configuring Workflow Notification Properties
To enable email notifications to be sent from the SOA workflow, open the Enterprise Manager Fusion Middle Control and navigate to the SOA Administration / Workflow Properties menu item on the soa_server.
Change the Notification Mode to Email. Provide From, Actionable, and Reply To email addresses.
All email notifications sent from the SOA workflow will utilize the From email address, so the use of a no-reply email address is recommended (e.g. no-reply@example.com).
Click Apply to apply the changes.
Configuring Email Driver Properties
To provide mail server account information:
- Open the Enterprise Manager Fusion Middle Control and navigate to the User Messaging Service / usermessagingdriver-email (soa_server1) menu item.
Figure 11.7 - User Messaging Service / usermessagingdriver-email (soa_server1) Menu Item - Choose the Email Driver Properties menu item.
Figure 11.8 - Email Driver Properties menu item - Create an email configuration.
Figure 11.9 - Creating Email Configuration - Now provide a configuration name, sender address and set the delivery type to SEND
Figure 11.10 - Create Driver Properties Screen - Since the deliver type is SEND, you only need to provide the outgoing email information. Scroll down and set the outgoing email Server, Port, Security, Default from address, Username and Password.
The email address given here must match the From address provided earlier in the Workflow Notification Properties.
Figure 11.11 - Create Driver Properties Screen - Scroll back to the top and click Test to confirm the configuration. If the test does not show “The driver configuration is valid”, there is an issue with the server or credentials provided, or a missing SSL security certificate.
If the server and credentials are valid but the test still fails, see Troubleshooting below.
Figure 11.12 - Create Driver Properties Screen
Troubleshooting
If the test gives a Fail to connect error or a review of the SOA server log shows a failed SSL handshake, it could be an issue with the security certificate.
Verifying Trust Keystore
Open the WebLogic Server Administration Console to verify that the trust keystore used by the SOA server is the same system/trust were the security certificates were imported.
Reviewing the WebLogic Start Script
Review the WebLogic start script to verify that no extraneous keystore is being provided at startup. If there is, remove it and restart the WebLogic servers.
Edit the setDomainEnv.sh and remove the “javax.net.ssl.trustStore” property on the server start command (… /bin/java -server …) if there is one and restart the WebLogic servers.