Article Number
000002082
Applies To
RSA Product Set: RSA NetWitness Platform
RSA Product/Service Type: Admin Server / Reporting Engine / Integration Server
RSA Version/Condition: 11.6.1.4 and 11.7.1.1
Issue
Email output action fails after using smtp.office365.com server in the NetWitness Reporting Engine output actions window / Admin Legacy Email window (Admin > System > Email) / Global Notifications window (Admin > System > Global Notifications).
Resolution
Send emails to your Outlook account using smtp.office365.com server
You must add the following certificates to the Integration Server’s trust – store to send emails using smtp.office365.com server.
- smtp_office365.crt – Server Certificate
- DigiCert Global Root CA – Root CA Certificate
To add smtp_office365.crt to the Integration Server’s trust – store:
1. SSH to the Admin server.
2. Fetch the smtp_office365.crt file. Run the following command.
openssl s_client -connect smtp.office365.com:587 -crlf -starttls smtp -showcerts | openssl x509 -outform PEM -out smtp_office365.crt
3.
Convert smtp_office365.crt file to smtp_office365.pem file. Run the following command.
openssl x509 -in smtp_office365.crt -out smtp_office365.pem
4. Import the smtp_office365.pem file to the Integration Server. Run the following command.
security-cli-client --add-trusts --service integration-server --superuser-id <userID> --superuser-pwd <password> --chain-file <absolute path of the smtp pem file>
To add DigiCert Global Root CA to the Integration Server’s trust – store:1. Download the file https://download.microsoft.com/download/4/a/b/4ab1c940-826b-444b-b287-b7a902e68da0/m365_root_certs_20220331.p7b on a Windows machine (local system).2.
Open the Certificates Manager window. Double-click the root folder and then double-click the Certificates sub-folder. 3.
Open the DigiCert Global Root CA.The Certificate window is displayed.
4.
Go to Details. Click Copy to File.The Certificate Export Wizard is displayed. Click Next.5.
Select DER encoded binary X.509 (.CER). Click Next.6.
Click Browse. Enter the file name and click Save.
7. Click Next and then click Finish.The successful export notification is displayed.
8. SSH to the Admin Server.
9. Copy the certificate downloaded on your local system to the Admin Server.
10. Convert the DigiCert Global Root CA (.cer) file to a .pem file. Run the following command:
openssl x509 -in <absolute path of the copied .cer file > -out <destination path for the .pem file>
11.
Import the .pem file to the Integration Server. Run the following command:
security-cli-client --add-trusts --service integration-server --superuser-id <userID> --superuser-pwd <password> --chain-file <absolute path of the .pem file>
Important: NetWitness Platform supports the port SSL enabled [With Authentication], Port: 587 for smtp.office365.com server.Note: NetWitness Platform supports the same port (SSL enabled [With Authentication], Port: 587) for smtp.gmail.com server as well.
Send emails to your Gmail account using smtp.gmail.com server
If the email output action fails to send the email/s to the configured Gmail account using the smtp.gmail.com server configured in the NetWitness Reporting Engine output actions window / Admin Legacy Email window (Admin > System > Email) / Global Notifications window (Admin > System > Global Notifications), do the following:1.
Log in to the Gmail account.
2. Go to the Settings tab. Enable IMAP.3.
Go to Manage Account > Security. Set the Less secure app access option to On.Note: After performing the steps above, if you are still unable to receive the emails on your Gmail account, do the following:
- Go to https://accounts.google.com/DisplayUnlockCaptcha.
- Sign in to the Gmail account configured to receive the notifications from NetWitness.
- Click Continue to allow access.