Setting up the email on nopCommerce that is hosted on Azure

Hi guys,

I'm new to nopCommerce and no matter how much I've tried I still haven't got the email sending to work on my 4.30 nopCommerce website that is hosted on an Azure VM. I have done the setup just like the instructions of nopCommerce documentation. I have used the following configuration for the email:

Email address  [email protected]
Email display name:  DisplayName
Host:    smtp.gmail.com
Port:    587
User:    [email protected]
Password:    <password>
SSL:    <checked>
Use default credentials:<NOT checked>

Then I get this error:

An error occurred while attempting to establish an SSL or TLS connection. This usually means that the SSL certificate presented by the server is not trusted by the system for one or more of the following reasons: 1. The server is using a self-signed certificate which cannot be verified. 2. The local system is missing a Root or Intermediate certificate needed to verify the server's certificate. 3. A Certificate Authority CRL server for one or more of the certificates in the chain is temporarily unavailable. 4. The certificate presented by the server is expired or invalid. Another possibility is that you are trying to connect to a port which does not support SSL/TLS. It is also possible that the set of SSL/TLS protocols supported by the client and server do not match. See https://github.com/jstedfast/MailKit/blob/master/FAQ.md#SslHandshakeException for possible solutions.

The SSL I'm using is an SSL I got from Win-acme (I guess self-signed) that expires in 3 months.

If I uncheck the SSL, I get:

535: 5.7.8 Username and Password not accepted.

And in the logs I get (Even though the username and password I'm using is correct):

Nop.Core.NopException: 535: 5.7.8 Username and Password not accepted. Learn more at
5.7.8  https://support.google.com/mail/?p=BadCredentials c18sm7025689wrx.63 - gsmtp
---> MailKit.Security.AuthenticationException: 535: 5.7.8 Username and Password not accepted. Learn more at
5.7.8  https://support.google.com/mail/?p=BadCredentials c18sm7025689wrx.63 - gsmtp
---> MailKit.Net.Smtp.SmtpCommandException: 5.7.8 Username and Password not accepted. Learn more at
5.7.8  https://support.google.com/mail/?p=BadCredentials c18sm7025689wrx.63 - gsmtp
   --- End of inner exception stack trace ---
   at MailKit.Net.Smtp.SmtpClient.AuthenticateAsync(Encoding encoding, ICredentials credentials, Boolean doAsync, CancellationToken cancellationToken)
   at MailKit.Net.Smtp.SmtpClient.Authenticate(Encoding encoding, ICredentials credentials, CancellationToken cancellationToken)
   at Nop.Services.Messages.SmtpBuilder.Build(EmailAccount emailAccount) in D:\a\1\s\src\Libraries\Nop.Services\Messages\SmtpBuilder.cs:line 74
   --- End of inner exception stack trace ---
   at Nop.Services.Messages.SmtpBuilder.Build(EmailAccount emailAccount) in D:\a\1\s\src\Libraries\Nop.Services\Messages\SmtpBuilder.cs:line 74
   at Nop.Services.Messages.EmailSender.SendEmail(EmailAccount emailAccount, String subject, String body, String fromAddress, String fromName, String toAddress, String toName, String replyTo, String replyToName, IEnumerable`1 bcc, IEnumerable`1 cc, String attachmentFilePath, String attachmentFileName, Int32 attachedDownloadId, IDictionary`2 headers) in D:\a\1\s\src\Libraries\Nop.Services\Messages\EmailSender.cs:line 196
   at Nop.Services.Messages.QueuedMessagesSendTask.Execute() in D:\a\1\s\src\Libraries\Nop.Services\Messages\QueuedMessagesSendTask.cs:line 57

I checked my Gmail's Two-factor Authentication setting and it's turned off.

I don't have many ideas left what to do so your help is much appreciated.

Now I bought an SSL but I still get the same exceptions.

Today I noticed that with my subscription type on Azure VM, I had to use SendGrid. I managed to send emails with SendGrid with PowerShell from Azure VM:

$From = "[email protected]"
$To = "[email protected]"
$Subject = "Here's the Email Subject"
$Body = "Sendgird test"
$SMTPServer = "smtp.sendgrid.net"
$SMTPPort = "587"
$Creds = (Get-Credential -Credential "apikey")
Send-MailMessage -From $From -to $To -Subject $Subject -Body $Body -SmtpServer $SMTPServer -port $SMTPPort -UseSsl -Credential $Creds –DeliveryNotificationOption OnSuccess

But I still can't send emails with nopCommerce 4.30 with the exact same parameters. I get this exception:

System.AggregateException: One or more errors occurred. (The SSL connection could not be established, see inner exception.)
---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
   at System.Net.Security.SslStream.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)
   at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.PartialFrameCallback(AsyncProtocolRequest asyncRequest)
--- End of stack trace from previous location where exception was thrown ---
   at System.Net.Security.SslStream.InternalEndProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.Security.SslStream.EndProcessAuthentication(IAsyncResult result)
   at System.Net.Security.SslStream.EndAuthenticateAsClient(IAsyncResult asyncResult)
   at System.Net.Security.SslStream.<>c.<AuthenticateAsClientAsync>b__65_1(IAsyncResult iar)
   at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)
--- End of stack trace from previous location where exception was thrown ---
   at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)
   --- End of inner exception stack trace ---
   at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean allowHttp2, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.GetHttpConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)
   at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
   at Microsoft.Extensions.Http.Logging.LoggingHttpMessageHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
   at Microsoft.Extensions.Http.Logging.LoggingScopeHttpMessageHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
   at System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task`1 sendTask, HttpRequestMessage request, CancellationTokenSource cts, Boolean disposeCts)
   --- End of inner exception stack trace ---
   at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken)
   at Nop.Services.Tasks.TaskThread.Run() in D:\a\1\s\src\Libraries\Nop.Services\Tasks\TaskThread.cs:line 72

Ok, now I got everything working. Port 587 didn't work with SSL checked. Instead, I had to either uncheck the SSL or use Port 465 with the SSL checked. I went with the second option.

It doesn't work with office 365 email. I tried all option combinations. Got to:
An error occurred while attempting to establish an SSL or TLS connection. This usually means that the SSL certificate presented by the server is not trusted by the system for one or more of the following reasons: 1. The server is using a self-signed certificate which cannot be verified. 2. The local system is missing a Root or Intermediate certificate needed to verify the server's certificate. 3. A Certificate Authority CRL server for one or more of the certificates in the chain is temporarily unavailable. 4. The certificate presented by the server is expired or invalid. Another possibility is that you are trying to connect to a port which does not support SSL/TLS. It is also possible that the set of SSL/TLS protocols supported by the client and server do not match. See https://github.com/jstedfast/MailKit/blob/master/FAQ.md#SslHandshakeException for possible solutions.

A work around with a second email address. My emails are office 365 so to work around this problem I created a non office 365 email on a server that allows me to relay to my office 365 account. So in the settings of nopCommerce I specified first my O365 account as email and my  non O365 account as user and pass etc. It took me sometime to play with settings and come up with this solution. It would be nice if this is resolved.