ODK Central not able to add new user with email outside domain

poyat · February 22, 2022, 10:56am

1. What is the problem? Be very detailed.

I have ODK central installed on an Ubuntu server 20.04 VM using Docker
https://docs.getodk.org/central-install-digital-ocean/#installing-central

I am using a Microsoft Exchange server 2016 as a custom mail server - SMTP relay setup so not authentication required. I am able to add users with email addresses on our domain (they receive the link to set their passwords) but I get "something went wrong: error code 500" when I try to add users with email addresses outside our domain.

Exchange server certificates are valid and we are currently using Let's Encrypt for ODK Central - we are in the process of purchasing a new SSL certificate for the server

2. What app or server are you using and on what device and operating system? Include version numbers.

ODK Central v1.3.3
Ubuntu Server 20.04
Microsoft Exchange 2016

3. What you have you tried to fix the problem?

Updated the mail server configs in "files/service/config.json.template" and rebuilt the containers
Used docker-compose down delete and rebuild the containers
Created new send connectors on Exchange server
Rebooted the server

4. What steps can we take to reproduce the problem?

Install ODK Central and point to Microsoft Exchange server as a custom mail server

5. Anything else we should know or have? If you have a test form or screenshots or logs, attach below.

We also use the same mail server to send emails for a different application called REDCap and it works fine
After the last rebuild, the login page is available but doesn't allow me to log in - returns "something went wrong: error code 502"

yanokwa · February 22, 2022, 8:31pm

There is something broken or unusual with your SMTP server. You'll need to look at your logs (e.g., docker logs central_service_1) to see if there are any hints.

https://docs.getodk.org/central-install-digital-ocean/#using-a-custom-mail-server and https://docs.getodk.org/central-troubleshooting/#users-aren-t-receiving-emails are also useful resources to explore.

poyat · February 28, 2022, 1:41pm

Thank you for the response,

I had a look at the logs and they indicate that the problem is an expired certificate. (Attached)
Logs

I am using Let's Encrypt for Central and my mail server has a valid SSL certificate from DigiCert
I was able to create the users from the terminal using "docker-compose exec service odk-cmd --email user.name@domain.com user-create", so users are able to access central but the original problem still exists.

Curious to know if you have come across a similar situation before or if you have any suggestions I might try.

yanokwa · February 28, 2022, 7:32pm

Double-check check the expiration dates on all your certs. My guess is that your mail server cert (or intermediate cert) is expired. It might also be the case that the mail server doesn't support TLS or you are using the wrong port.

poyat · March 2, 2022, 7:59am

@yanokwa thanks a lot for your help.
The error was as a result of misaligned configurations for TLS on the server.
Once I reconfigured the receive connector on Exchange, the mail functionality was restored and is operational
Cheers