Article Number
000002082
Applies To
NetWitness Product Set: NetWitness Platform
NetWitness Product/Service Type: Admin Server, Reporting Engine, Integration Server
NetWitness Version/Condition: 11.x, 12.x
Platform: CentOS 7 / Alma
NetWitness Product/Service Type: Admin Server, Reporting Engine, Integration Server
NetWitness Version/Condition: 11.x, 12.x
Platform: CentOS 7 / Alma
Issue
Email output action fails after using smtp.office365.com server in the NetWitness Reporting Engine output actions window / Admin Legacy Email window (Admin > System > Email) / Global Notifications window (Admin > System > Global Notifications).
Resolution
Send emails to your Outlook account using smtp.office365.com server:
You must add the following certificates to the Integration Server’s trust – store to send emails using smtp.office365.com server.- smtp_office365.crt – Server Certificate
- DigiCert Global Root CA – Root CA Certificate
To add smtp_office365.crt to the Integration Server’s trust – store:
1. SSH to the Admin server.
2. Fetch the smtp_office365.crt file. Run the following command.
2. Fetch the smtp_office365.crt file. Run the following command.
openssl s_client -connect smtp.office365.com:587 -crlf -starttls smtp -showcerts | openssl x509 -outform PEM -out smtp_office365.crt
openssl x509 -in smtp_office365.crt -out smtp_office365.pem4. Import the smtp_office365.pem file to the Integration Server. Run the following command.
security-cli-client --add-trusts --service integration-server --superuser-id <userID> --superuser-pwd <password> --chain-file <absolute path of the smtp pem file>To add DigiCert Global Root CA to the Integration Server’s trust – store:
1. Download the file https://download.microsoft.com/download/4/a/b/4ab1c940-826b-444b-b287-b7a902e68da0/m365_root_certs_20220331.p7b on a Windows machine (local system).
2. Open the Certificates Manager window. Double-click the root folder and then double-click the Certificates sub-folder.
Image description3. Open the DigiCert Global Root CA.
The Certificate window is displayed.
Image description
Image description4. Go to Details. Click Copy to File.
The Certificate Export Wizard is displayed. Click Next.
Image description5. Select DER encoded binary X.509 (.CER). Click Next.
Image description6. Click Browse. Enter the file name and click Save.
7. Click Next and then click Finish.
The successful export notification is displayed.
Image description
8. SSH to the Admin Server.
9. Copy the certificate downloaded on your local system to the Admin Server.
10. Convert the DigiCert Global Root CA (.cer) file to a .pem file. Run the following command:
openssl x509 -in <absolute path of the copied .cer file > -out <destination path for the .pem file>
security-cli-client --add-trusts --service integration-server --superuser-id <userID> --superuser-pwd <password> --chain-file <absolute path of the .pem file>Important: NetWitness Platform supports the port SSL enabled [With Authentication], Port: 587 for smtp.office365.com server.
Note: NetWitness Platform supports the same port (SSL enabled [With Authentication], Port: 587) for smtp.gmail.com server as well.
Send emails to your Gmail account using smtp.gmail.com server:
If the email output action fails to send the email/s to the configured Gmail account using the smtp.gmail.com server configured in the NetWitness Reporting Engine output actions window / Admin Legacy Email window (Admin > System > Email) / Global Notifications window (Admin > System > Global Notifications), do the following:1. Log in to the Gmail account.
2. Go to the Settings tab. Enable IMAP.
Image description3. Go to Manage Account > Security. Set the Less secure app access option to On.
Image descriptionNote: After performing the steps above, if you are still unable to receive the emails on your Gmail account, do the following:
- Go to https://accounts.google.com/DisplayUnlockCaptcha.
- Sign in to the Gmail account configured to receive the notifications from NetWitness.
- Click Continue to allow access.
In this article
