Send SMTP Mail Message activity - The revocation function was unable to check revocation for the certificate.

When sending email via SMTP, the following error occurs: An error occurred while attempting to establish an SSL or TLS connection.

Issue Description

While trying to use the Send SMTP Mail Message activity, the below error message may occur in the Robot/Studio machine:

MailKit.Security.SslHandshakeException: An error occurred while attempting to establish an SSL or TLS connection.

The server’s SSL certificate could not be validated for the following reasons:

• The server certificate has the following errors:
• The revocation function was unable to check revocation for the certificate.
• The revocation function was unable to check revocation because the revocation server was offline.

Root Cause

This is usually a transient error caused by the CRL server being offline or otherwise unreachable at the time the SSL/TLS connection was attempted, so the SslStream was unable to validate the server's SSL certificate.

Resolution

The CRL server is the central authority that provides a way for clients to check if a certificate has been revoked or not.

Workaround

Ignore Certificate Revocation List validation when connecting to the SMTP server by setting the IgnoreCRL property to True in the Send SMTP Mail Message activity. This field only accepts Boolean values and variables; if left empty, the default value False is used.


However, this is only a workaround: with IgnoreCRL set to True, revocation of the server certificate is not checked. To resolve the issue, check the following internally.

  1. Ensure that firewall settings allow access to the Certificate Revocation List (CRL) distribution points. Firewalls or proxy servers may sometimes block access to these URLs, leading to revocation check failures.
  2. Verify that the CRL distribution points specified in the certificate are accessible from the production environment. This can be done by manually accessing the URLs listed in the certificate’s CRL Distribution Points (CDP) extension. It is recommended to attempt accessing the CRL distribution point from the robot machine.
  3. Confirm that the entire certificate chain is trusted and that all intermediate certificates are properly installed. Missing intermediate certificates may cause revocation checks to fail.
  4. Review the Event Viewer logs for any related errors or warnings, which may provide further insight into the cause of the issue.
  5. Check whether it works in a lower environment. If it does, compare the network configurations between both environments. Look for any differences in firewall rules, proxy settings, or network routes that might affect CRL access.
  6. Ensure that all certificates, including root and intermediate certificates, are up to date. Outdated certificates can sometimes cause unexpected issues.
  7. In addition to the IgnoreCRL property, review other settings related to certificate revocation checking to ensure there are no discrepancies.
  8. Consult the documentation provided by the Certificate Authority (CA) for any specific recommendations or known issues related to CRL access and revocation checking.
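
Steps 2 and 3 can be checked from the robot machine with a short PowerShell script that builds the chain with online revocation checking and then fetches each CRL distribution point. This is an added example, not part of the original article or of UiPath tooling; `$CertPath` is a hypothetical path to the SMTP server's certificate exported as a .cer file, and the URL parsing assumes the Windows text rendering of the CDP extension.

```powershell
# Added example: diagnose revocation-check failures for an exported server certificate.
# $CertPath is a hypothetical path to the SMTP server certificate (.cer, DER or Base64).
param([Parameter(Mandatory)][string]$CertPath)

$file  = (Resolve-Path $CertPath).Path
$cert  = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($file)
$chain = [System.Security.Cryptography.X509Certificates.X509Chain]::new()

# Force a live revocation lookup for every certificate in the chain.
$chain.ChainPolicy.RevocationMode      = 'Online'
$chain.ChainPolicy.RevocationFlag      = 'EntireChain'
$chain.ChainPolicy.UrlRetrievalTimeout = [TimeSpan]::FromSeconds(15)

$valid = $chain.Build($cert)
"Chain valid with online revocation check: $valid"

foreach ($element in $chain.ChainElements) {
    $c = $element.Certificate
    "`n$($c.Subject)"
    "  Expires: $($c.NotAfter)"

    # RevocationStatusUnknown / OfflineRevocation correspond to the two
    # revocation errors quoted in the MailKit exception.
    foreach ($s in $element.ChainElementStatus) {
        "  $($s.Status): " + "$($s.StatusInformation)".Trim()
    }

    # OID 2.5.29.31 = CRL Distribution Points (CDP) extension.
    $cdp = $c.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.31' }
    if (-not $cdp) { "  (no CRL Distribution Points extension)"; continue }

    $urls = [regex]::Matches($cdp.Format($true), 'URL=(\S+)') |
            ForEach-Object { $_.Groups[1].Value }
    foreach ($url in $urls) {
        if ($url -notmatch '^https?://') { "  skipped (not HTTP): $url"; continue }
        try {
            $r = Invoke-WebRequest -Uri $url -UseBasicParsing -TimeoutSec 15
            "  reachable   $url ($($r.RawContentLength) bytes)"
        } catch {
            "  UNREACHABLE $url : $($_.Exception.Message)"
        }
    }
}
```

Run it under the same account the robot uses, so that the same proxy and firewall path is exercised. A chain that stops short of a root certificate points to a missing intermediate (step 3) rather than a CRL access problem.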

If the issue persists, loop in the CA for further assistance.