Some SMTP servers require SMTP communcation to use a TLS connection.

This document explains how you can configure the AAI Reporting Server(Jasperserver) to use TLS for SMTP emails.

1. On the AAI Reporting server, In the apache-tomcat/webapps/jasperserver-pro/WEB-INF directory, make a backup of the applicationContext-report-scheduling.xml and js.quartz.properties files.

2. In the js.quartz.properties you can try adding the highlighted line below:

report.scheduler.mail.sender.host=r<smtp hostname>
report.scheduler.mail.sender.username=admin
report.scheduler.mail.sender.password=
report.scheduler.mail.sender.from=<sender's email address>
report.scheduler.mail.sender.protocol=smtp
report.scheduler.mail.sender.port=25
report.scheduler.mail.smtp.starttls.enable=true

3. In the applicationContext-report-scheduling.xml, find the reportSchedulerMailSender section like below and add the highlighted line.

    <bean id="reportSchedulerMailSender" class="org.springframework.mail.javamail.JavaMailSenderImpl" lazy-init="true">
        <property name="host" value="${report.scheduler.mail.sender.host}"/>
        <property name="username" value="${report.scheduler.mail.sender.username}"/>
        <property name="password" value="${report.scheduler.mail.sender.password}"/>
        <property name="protocol" value="${report.scheduler.mail.sender.protocol}"/>
        <property name="port" value="${report.scheduler.mail.sender.port}"/>
        <property name="javaMailProperties">
            <props>
                <prop key="mail.smtp.sendpartial">true</prop>
                <prop key="mail.smtp.auth">false</prop>
                <prop key="mail.smtp.starttls.enable">true</prop>
            </props>
        </property>

4. Once the configuration above is complete you will need to import the root certificate used by the SMTP server into the Reporting Server cacert keystores.

On the reporting server, there will be a Java installed for the OS, $JAVA_HOME/jre/lib/security/cacerts, and also an embedded Java within the <reporting server install dir>/java/jre/lib/security/cacerts directory. We would recommend importing the certificate into both of those locations in the steps below.

5. Copy the SMTPS root certificate to the AAI server.

6. Ensure JAVA_HOME variable is set to the current Java directory.

7. Run the following 

Windows:

keytool -import -v -file filename.cer -keystore "%JAVA_HOME%\jre\lib\security\cacerts" -storepass changeit -noprompt

keytool -import -v -file filename.cer -keystore <Reporing Server Install Dir>\java\jre\lib\security\cacerts" -storepass changeit -noprompt

Linux:

keytool -import -v -file filename.cer -keystore $JAVA_HOME\jre\lib\security\cacerts -storepass changeit -noprompt

keytool -import -v -file filename.cer -keystore<Reporing Server Install Dir>/java/jre/lib/security/cacerts -storepass changeit -noprompt

8. Restart the AAI service after importing the certificate.

9. Verify you can email a report by scheduling an Insight report, then going to System Tools->Report Scheduling and selecting a report and clicking the Play button.

10. If it is still failing check the <Reporting Server Install Dir>/apache-tomcat/webapps/jasperserver-pro/WEB-INF/logs/jasperserver.log file