SAP Business One on Hana Mail service setup for Office 365

In SAP Business One Job Services, you setup a office 365 account and click test. You got the following issue.

Capture.PNG

you receive the error “PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path”, then perform the following steps on the Job Service’s Linux machine:

For Office365:

1.1. Run the command: “openssl s_client -showcerts -connect smtp.office365.com:587 -starttls smtp -state”. The result will be similar to the following:

resulttls.png

1.2. Create an empty file and copy the first certificate (the red part in above screenshot) from the step 1.1 output. Remember the copy contains “—BEGIN CERTIFICATE—” and “—END CERTIFICATE–”. Save these strings in the file.cer file. You can double-click to open file.cer in a MS Windows environment so that you can check if this certification is correct. If the file is correct, it should be opened as follows:

cert.png

1.3. Back up the file /usr/sap/SAPBusinessOne/Common/sapjvm_8/jre/lib/security/cacerts with the  command:  “cp /usr/sap/SAPBusinessOne/Common/sapjvm_8/jre/lib/security/cacerts /usr/sap/SAPBusinessOne/Common/sapjvm_8/jre/lib/security/cacerts.bak”

1.4. Under the path /usr/sap/SAPBusinessOne/Common/sapjvm_8/jre/bin/ run the command: “keytool -keystore ../lib/security/cacerts -importcert -alias office365smtp -file /home/file.cer“.

  • /home/file.cer is the certificate you saved in step 1.2.
  • Keytool default path is: /usr/sap/SAPBusinessOne/Common/sapjvm_8/jre/bin/
  • Cacerts default path is /usr/sap/SAPBusinessOne/Common/sapjvm_8/jre/lib/security/cacerts
  • office365smtp is the name you want to import into as a trusted CA.

When you type this command, you will be required to verify the password. The default password is changeit. After you enter the password, the system will ask you if you want to import this certification; enter “y” to continue.

1.5. Run: “keytool -list -v -keystore ../lib/security/cacerts|grep office365smtp”; verify that step 1.4 is correct and this certificate is then imported as a trusted CA.

1.6. Restart Server Tools and try to connect with Office365 again.