How To
Summary
"Could not convert socket to TLS" errors, when configuring a connection with an SMTP server, can be caused when trying to connect to a non-SSL port or when the SSL certificate use by the SMTP server is not trusted.
Steps
When IBM Security QRadar SOAR tries to send email messages to the SMTP server after configuring this feature by using resutil smtpedit, it will use TLS if the SMTP server supports it. However, if IBM SOAR does not trust the SMTP server's certificate, you get the "Could not convert socket to TLS" error message.
Check with your SMTP team whether the SMTP server is configured for SSL. If it is not, you can use resutil smtpedit -nostarttls to instruct IBM SOAR to not issue an encrypted TLS session with the SMTP server.
The top certificate authorities are companies such as Verisign, and eTrust, Comodo, GoDaddy, DigiCert. Certificates signed by these issuers are trusted. If the certificate returned by the SMTP server is not signed by a trusted certificate authority, then it is not trusted. You have to import the certificate from that server to explicitly trust it.
The solution to this problem is to add the SMTP server's certificate as a trusted certificate. To do that follow the steps in How to import untrusted certificates Into IBM Security SOAR.
sudo resutil smtptest -email <REPLACE>
Document Location
Worldwide
Was this topic helpful?
Document Information
Modified date:
21 January 2022
UID
ibm11162912