The AppMon Server can generate an email notification when the following occurs:
- You send a scheduled report to specified email recipients. See Automated Reporting for more information.
- A specified incident is triggered. See Incidents and Alerting for more information.
The AppMon Server uses SMTP protocol for sending email and relies on an external SMTP server for the forwarding of email to recipients. To send email using AppMon, you need the connection details to an SMTP server, which includes:
- SMTP server hostname
- SMTP server port (default is 25)
- Is SSL encryption required?
- Is authentication required?
- SMTP username
- SMTP password
You can use users and groups defined in AppMon as recipients as long as they have an email address assigned. If you use LDAP for user and group information, then the email address and group assignments from the LDAP repository are synchronized to the AppMon user repository and are used automatically.
Configuring the system for sending email
For the system to send email, you or an administrator must set up the system email configuration in the Email tab of the Server Settings Services pane.
To access this tab, choose Settings > Dynatrace Server > Services and select the Email tab. You can also access the Server Settings dialog box from the Administration section of the Start Center.
Server Settings Services Pane - Email Tab
The following are the required values:
- Hostname: Specifies the machine which provides the SMTP server instance.
- Port: The port on which the SMTP server instance is listening, default value is 25 for unencrypted (plain) communication and 465 for using secure (encrypted) transport (SSL).
- Connection type: Choose one of the following connection types when contacting the email server:
- Unencrypted: Plain communication, no protection.
- Secure (SSL): Use SSL protocol to secure the communication with the email server (if supported by the server).
- StartTLS(optional): Use StartTLS protocol to secure the communication. If the email server supports TLS communication then the mail will be sent encrypted. If the server does not support TLS then the mail will be sent in plain text.
- StartTLS(required): Use StartTLS protocol to secure the communication. If the email server supports TLS communication then the mail will be sent encrypted. If the server does not support TLS then the mail will not be sent.
You can also specify the following values:
- Username/Password: Provides authentication details, only necessary if your SMTP server requires these.
- Bounce Address: Specifies an administrative email address that is informed whenever an email can not be delivered by the SMTP server, foe example if it is mistyped or the recipient email address is no longer valid.
- Default From: Specifies the email address that is used as sender of emails.
- Subject Prefix: Specifies some text that is prepended to the subject-field of all emails that are sent. This is useful to quickly distinguish emails and to easily filter emails in email client software.
In the Email recipient box, enter an email address to verify that your provided SMTP server settings work. Press Send verification email to test.
Verify Email Address Dialog Box
Importing the Email Server Certificate
If you want to use a secure connection to your email server by specifying either SSL or StartTLS as connection type you might get an error message when sending a mail which looks like this one:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
This message indicates that the email server certificate could not be found. In that case you have to get/retrieve the email server certificate first and then you have to import it into the Java Runtime certificate store.
This certificate store is named “cacerts” and it is located in the lib/security directory of your JRE installation. You can use the Java “keytool” command line utility to get the certificate imported:
keytool -import -alias <alias> -keystore <path-to-jre>\lib\security\cacerts -file <path-to-certificate-file>
The “alias” parameter names the certificate. An example command could look like this:
keytool -import -alias MyEmailServer -keystore %JAVA_HOME%\lib\security\cacerts -file emailserver.der
You are prompted for the keystore/certificate store password. If you did not change it, the password is set to changeit by default.
If the email server certificate isn’t a self-signed one you have to retrieve the root (CA) certificate for the email server certificate. Using an SSL/TLS connection implies that the certificate chain for the email server certificate must be validated on the client side (the email sender). This chain only validates if its root (CA) certificate is trusted and contained in the cacerts certificate store. Thus one has to import the root (CA) certificate into the store instead of the email server certificate itself.