Solved

The remote certificate is invalid according to the validation procedure.

Posted on 2016-11-14
14
14 Views
Last Modified: 2016-11-23
I'm trying to send an email from an ASP.NET (VB) web page via my hosting companies mail server, but getting the above error. They are telling me that they do not allow plain text mail and I must send using SSL, I have included enableSSL in my web.config setting as follows:

<mailSettings>
      <smtp from="from@my.com">
        <network host="server IP" port="587" userName="from@my.com" password="password" enableSsl="true"/>
      </smtp> 
    </mailSettings>
 

Open in new window


What am i missing?
0
Comment
Question by:BrianFord
  • 9
  • 3
  • 2
14 Comments
 
LVL 18

Expert Comment

by:Peter Hutchison
ID: 41887506
Are you using a Public SSL certificate on your web site for your domain (my.com)?
0
 

Author Comment

by:BrianFord
ID: 41887671
Not sure I understand where the cert should be?

Should the cert be on my development laptop (where my aspx page) is running? or are you referring to the mail server itself?

 I have no access to the mail server.
0
 
LVL 18

Expert Comment

by:Peter Hutchison
ID: 41887693
The certificate should be placed on the server, where the messages are being sent from.

If you are sending the mail messages from a development site on your laptop as well, then you should have a certificate installed there too linked to your computer's FQDN name. You can either get one from a internal CA, a self-signed cert (if allowed) or from a public CA service.
0
 

Author Comment

by:BrianFord
ID: 41887778
On my dev laptop I don't have full-blown IIS installed.

When I run the project in Visual Studio it's basically an IIS Express website running on 'localhost:random port' can a cert be created for that?
0
 

Author Comment

by:BrianFord
ID: 41887881
So,

I installed IIS on my local PC and have installed a Self-Signed cert, when I navigate to my local site using HTTPS, everything is good, but when I try to send the email I still get the same error
0
 
LVL 74

Expert Comment

by:käµfm³d 👽
ID: 41887953
The key here is the word "remote" in the error message. Your local certificate situation should not have any bearing on this. You may need to verify what protocol suite(s) the hosting company's server uses. I would also check that they are using a valid certificate (as opposed to self-signed certificate) to secure their server. Maybe they have their own certificate authority and you have to update your server (or local machine) with their certificate authority info.
0
 

Author Comment

by:BrianFord
ID: 41888080
I thought that might be the case, their support is not being overly helpful :( their only suggestion to me was to include enableSSL='true" in my we-congig, which I did to no avail.

I would think their certs are valid as they are a large hosting company (www.hostdime.com) and I can't imagine I'm the only tryng to do this,. at this point I'm basically stumped :(
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 18

Expert Comment

by:Peter Hutchison
ID: 41888098
Looks like they offer SSL services http://www.hostdime.com/services/ssl-certificates/
Instructions on ordering a SSL cert here: http://www.hostdime.com/resources/order-ssl-via-core/
Instructions on installing cert here: http://www.hostdime.com/resources/install-ssl-via-whm/
0
 
LVL 74

Assisted Solution

by:käµfm³d 👽
käµfm³d   👽 earned 500 total points
ID: 41888193
Based on this page:

https://www.hostdime.com/resources/disable-plain-text-authentication/

...does it work if you use port 465?
0
 

Author Comment

by:BrianFord
ID: 41888249
Unfortunately not, but was worth a try :(  same error
0
 

Author Comment

by:BrianFord
ID: 41888260
actually, I had a typo in the port, 465 results in a timeout :(
0
 

Author Comment

by:BrianFord
ID: 41888268
This is what I'm using to send the email:

 Dim strFrom = "user@xxxx.com"
        Dim strTo = "me@mydoamin.com"
        Dim MailMsg As New MailMessage(New MailAddress(strFrom.Trim()), New MailAddress(strTo))

        MailMsg.BodyEncoding = Encoding.Default
        MailMsg.Subject = "Test Mail"
        MailMsg.Body = "This is a test email"
        MailMsg.Priority = MailPriority.Normal
        MailMsg.IsBodyHtml = True

        Dim SmtpMail As New SmtpClient
        Dim authenticationInfo As New Net.NetworkCredential("user@xxxx.com", "pwd here")

        SmtpMail.Host = "72.29.68.31"
        SmtpMail.Port = "465" ' also try 587
        SmtpMail.UseDefaultCredentials = False
        SmtpMail.EnableSsl = True
        SmtpMail.Credentials = authenticationInfo

        Try
            SmtpMail.Send(MailMsg)

        Catch ex As Exception
            Dim x As String = ex.Message
            lblInvalidCreds.Text = ex.Message
            lblInvalidCreds.Visible = True

        End Try

Open in new window

0
 

Accepted Solution

by:
BrianFord earned 0 total points
ID: 41893805
Issue turned out to be that the .NET System.Net.Mail does not support 'ImplicitSSL' running on port 465.

I changed to System.Web.Mail (which unfortunately is deprecated) but still works

For anyone with the same issue, the following code worked for me:

 
Dim myMail As New MailMessage()

        myMail.Fields.Add("http://schemas.microsoft.com/cdo/configuration/smtpserver", pServer)
        myMail.Fields.Add("http://schemas.microsoft.com/cdo/configuration/smtpserverport", "465")
        myMail.Fields.Add("http://schemas.microsoft.com/cdo/configuration/sendusing", "2")

        'sendusing: value 2, for sending the message using the network.
        'smtpauthenticate: Specifies the mechanism used when authenticating to an SMTP service over the network.
        ' Possible values are:
        ' 0 = Do Not authenticate.
        ' 1 = Use basic clear-text authentication, When using this option you have to provide the user name and password through the sendusername and sendpassword fields.
        ' cdoNTLM, value 2. The current process security context is used to authenticate with the service.

        myMail.Fields.Add("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate", "1") 'Use 0 for anonymous
        myMail.Fields.Add("http://schemas.microsoft.com/cdo/configuration/sendusername", pUserName)
        myMail.Fields.Add("http://schemas.microsoft.com/cdo/configuration/sendpassword", pPwd)
        myMail.Fields.Add("http://schemas.microsoft.com/cdo/configuration/smtpusessl", "true")
        myMail.From = pMailFrom
        myMail.[To] = pMailTo
        myMail.Subject = pSubject
        myMail.BodyFormat = MailFormat.Html
        myMail.Body = pBody

        'If pAttachmentPath.Trim() <> "" Then
        '    Dim MyAttachment As New MailAttachment(pAttachmentPath)
        '    myMail.Attachments.Add(MyAttachment)
        '    myMail.Priority = System.Web.Mail.MailPriority.High
        'End If

        SmtpMail.SmtpServer = pServer & ":465"

Open in new window

0
 

Author Closing Comment

by:BrianFord
ID: 41898880
c
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Microsoft Reports are based on a report definition, which is an XML file that describes data and layout for the report, with a different extension. You can create a client-side report definition language (*.rdlc) file with Visual Studio, and build g…
In an ASP.NET application, I faced some technical problems. In this article, I list them out and show the solutions that I found.  I hope it will be useful. Problem: After closing a pop-up window, the parent page should be refreshed automaticall…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now