
AWS.SMTP.Client secure mode


philip...@gmail.com

Sep 4, 2021, 11:20:41 PM
The recent thread about sending email with AWS.SMTP.Client reminded me I need to finish working on a package I wrote a while ago that uses AWS.SMTP.Client. I have just been passing Server_Name => "localhost", Port => 25, and Secure => False to AWS.SMTP.Client.Initialize, to use a local mail relay, and that has worked fine.

I'm now trying to get secure communication to my email account mailserver working (SSL on port 465). Something deep in the bowels of AWS wants cert.pem to exist in the directory I run my program from, but it doesn't seem to be the cert.pem I retrieved from the mail server with openssl.

My program dies with:

raised AWS.SMTP.SERVER_ERROR : raised AWS.NET.SOCKET_ERROR : The requested data were not available.

immediately after reading the cert.pem file I fetched with openssl.

Has anyone ever got secure and authenticated AWS.SMTP.Client working? And if so, how did you do it?

Björn Lundin

Sep 6, 2021, 5:26:30 AM
On 2021-09-05 at 05:20, philip...@gmail.com wrote:

>
> Has anyone ever got secure and authenticated AWS.SMTP.Client working? And if so, how did you do it?
>

Yes.
I use Amazon as mailer - like this. Shortened version so it might not
compile. I think you need the Ada.Directories.Set_Directory statement
just as I need it.

In the directory I set, I have the cert.pem I'd like to use


with Ada.Characters.Latin_1;
with Ada.Directories;
with AWS.SMTP.Authentication.Plain;
with AWS.SMTP.Client;

procedure Mail_Saldo is
   Subject          : constant String := "Some Subject";
   use AWS;
   SMTP_Server_Name : constant String :=
     "email-smtp.eu-north-1.amazonaws.com";
   Status           : SMTP.Status;
begin
   --  cert.pem is read from the current directory, so change to it first
   Ada.Directories.Set_Directory ("/where/is/my/cet/sslcert");
   declare
      Auth : aliased constant SMTP.Authentication.Plain.Credential :=
        SMTP.Authentication.Plain.Initialize
          ("AKFCAWS_IS_A_MAILSERVERT", "BOYbIsome-chars-from-amazomFDWW");

      SMTP_Server : SMTP.Receiver := SMTP.Client.Initialize
        (SMTP_Server_Name,
         Port       => 465,
         Secure     => True,
         Credential => Auth'Unchecked_Access);
      use Ada.Characters.Latin_1;
      Msg : constant String := "Some MEssage";

      --  A one-element array aggregate needs named association
      Receivers : constant SMTP.Recipients :=
        (1 => SMTP.E_Mail ("A Mail Address", "a.mail....@gmail.com"));
      --  SMTP.E_Mail ("Another Mail Addresss", "another.ma...@gmail.co")
   begin
      SMTP.Client.Send (Server  => SMTP_Server,
                        From    => SMTP.E_Mail ("A sender",
                                                "Sen...@gmail.com"),
                        To      => Receivers,
                        Subject => Subject,
                        Message => Msg,
                        Status  => Status);
   end;
   if not SMTP.Is_Ok (Status) then
      --  Log and Me are declared elsewhere in the original program (not shown)
      Log (Me & "Mail_Saldo", "Can't send message: " &
             SMTP.Status_Message (Status));
   end if;
end Mail_Saldo;

---------------------------------




cert.pem looks like

sslcert $ cat cert.pem
-----BEGIN RSA PRIVATE KEY-----
....
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
...........
-----END CERTIFICATE-----


--
Björn

philip...@gmail.com

Sep 6, 2021, 10:20:29 PM
On Monday, September 6, 2021 at 2:26:30 AM UTC-7, björn lundin wrote:
> On 2021-09-05 at 05:20, philip...@gmail.com wrote:
>
> >
> > Has anyone ever got secure and authenticated AWS.SMTP.Client working? And if so, how did you do it?
> >
> Yes.
> I use Amazon as mailer - like this. Shortened version so it might not
> compile. I think you need the Ada.Directories.Set_Directory statement
> just as I need it.
>
> In the directory I set, I have the cert.pem I'd like to use

Is cert.pem a client certificate that will be passed to the server, or is it a server certificate the client uses to validate the server?

As far as I know, none of the mail servers I am dealing with have any mechanism to register client certificates.

Björn Lundin

Sep 7, 2021, 2:21:59 AM
On 2021-09-07 at 04:20, philip...@gmail.com wrote:
> On Monday, September 6, 2021 at 2:26:30 AM UTC-7, björn lundin wrote:
>> On 2021-09-05 at 05:20, philip...@gmail.com wrote:
>>
>>>
>>> Has anyone ever got secure and authenticated AWS.SMTP.Client working? And if so, how did you do it?
>>>
>> Yes.
>> I use Amazon as mailer - like this. Shortened version so it might not
>> compile. I think you need the Ada.Directories.Set_Directory statement
>> just as I need it.
>>
>> In the directory I set, I have the cert.pem I'd like to use
>
> Is cert.pem a client certificate that will be passed to the server, or is it a server certificate the client uses to validate the server?
>



Actually - looking closer - it is the cert.pem that was distributed with
AWS 1.2.
That is a long time ago...

Obviously Amazon does not care. Auth is then via the lines
Auth : aliased constant SMTP.Authentication.Plain.Credential :=
SMTP.Authentication.Plain.Initialize
("AKFCAWS_IS_A_MAILSERVERT", "BOYbIsome-chars-from-amazomFDWW");


I could not find it on github now - so I mailed you the one I got


--
Björn

philip...@gmail.com

Sep 7, 2021, 4:40:04 PM
> Obviously Amazon does not care. Auth is then via the lines
> Auth : aliased constant SMTP.Authentication.Plain.Credential :=
> SMTP.Authentication.Plain.Initialize
> ("AKFCAWS_IS_A_MAILSERVERT", "BOYbIsome-chars-from-amazomFDWW");
> I could not find it on github now - so I mailed you the one I got

OK, so your cert.pem works with my email provider. But I don't understand why it works, especially since your certificate appears to have expired almost 13 years ago.
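
An added example, not written by anyone in this thread: a small offline audit of a cert.pem that reports the two properties the thread raises, whether the file carries a private key (which makes it a local identity bundle, not something fetched from a server) and whether each certificate in it is past its notAfter date. The function names, the sample file and its expiry date are constructed for illustration.

```python
import base64, re
from datetime import datetime, timezone

PEM_RE = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \1-----", re.S)

def read_tlv(buf, pos):
    """Read one DER TLV header at pos; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: next n bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def not_after(der):
    """Return the notAfter time (UTC) of a DER-encoded X.509 certificate."""
    _, pos, _ = read_tlv(der, 0)            # enter Certificate SEQUENCE
    _, pos, _ = read_tlv(der, pos)          # enter TBSCertificate SEQUENCE
    tag, _, end = read_tlv(der, pos)
    pos = end if tag == 0xA0 else pos       # skip the optional [0] version field
    for _field in range(3):                 # skip serialNumber, signature, issuer
        _, _, pos = read_tlv(der, pos)
    _, pos, _ = read_tlv(der, pos)          # enter Validity SEQUENCE
    _, _, pos = read_tlv(der, pos)          # skip notBefore
    tag, start, end = read_tlv(der, pos)
    text = der[start:end].decode("ascii")
    if tag == 0x17:                         # UTCTime: RFC 5280 pivots 2-digit years at 50
        text = ("19" if text[:2] >= "50" else "20") + text
    return datetime.strptime(text, "%Y%m%d%H%M%SZ").replace(tzinfo=timezone.utc)

def audit_pem(text, now=None):
    """Label each PEM block as private-key, cert-expired or cert-valid."""
    now = now or datetime.now(timezone.utc)
    findings = []
    for label, body in PEM_RE.findall(text):
        if label.endswith("PRIVATE KEY"):   # key material: the file is a local identity
            findings.append("private-key")
        elif label == "CERTIFICATE":
            expired = not_after(base64.b64decode(body)) < now
            findings.append("cert-expired" if expired else "cert-valid")
    return findings

# Constructed data: an unsigned DER skeleton (not a real certificate) in the thread's layout.
def demo_cert(expiry):
    tlv = lambda tag, *parts: bytes([tag, sum(map(len, parts))]) + b"".join(parts)
    validity = tlv(0x30, tlv(0x17, b"000101000000Z"), tlv(0x17, expiry))
    tbs = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")), tlv(0x02, b"\x01"), tlv(0x30), tlv(0x30), validity)
    return base64.encodebytes(tlv(0x30, tbs, tlv(0x30), tlv(0x03, b"\x00"))).decode()
SAMPLE = ("-----BEGIN RSA PRIVATE KEY-----\nAAAA\n-----END RSA PRIVATE KEY-----\n"
          f"-----BEGIN CERTIFICATE-----\n{demo_cert(b'081001000000Z')}-----END CERTIFICATE-----\n")
```

Calling `audit_pem(open("cert.pem").read())` on a real file gives the same labels; a result that contains `private-key` means the file should be protected like any other secret and not passed around by mail.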