Send SMTP mail: SecureConnection Auto Error when upgrading the package

If I upgrade UiPath.Mail.Activities to above 1.9.6, and set SecureConnection to Auto, an error occurs.:

Send Notification: An error occurred while attempting to establish an SSL or TLS connection.

The host name did not match the name given in the server's SSL certificate.

Is this behavior normal or a bug?
I cannot upgrade the package since I need to set SecureConnection to Auto.

@yesterday

Can you please try to change the SecureConnection type from Auto to None and then check it once.

I know setting SecureConnection to None works, but for security reasons, I want to set it to Auto.

1 Like

We found that if we turned off encryption in the activity

Does turned off encryption mean setting SecureConnection to None?

I’m sorry I am not familiar with SMTP. If I set SecureConnection to None, emails will not be encrypted, correct?
I want to avoid the worst case scenario if some viruses break into the network and steal information etc…

Is there any workaround?

Yes that’s what it means. It was just a troubleshooting step, we aren’t allowed to leave encryption off because, as you said, then the emails aren’t encrypted.

The actual solution was updating the certificate to also contain reference to the DNS name we use smtp.ourcompany.com which load balances to different SMTP servers. When we changed our Send SMTP Email activity to explicitly use a specific SMTP server it worked fine, and if we turned off encryption and used the DNS name it worked, but using the DNS name with encryption turned on didn’t work because the DNS name wasn’t in the new certificate they had uploaded.

By the way, as a tip…because of what happened we now store the name and port of our SMTP Server in an Asset in Orchestrator. All our automations use the Asset values for the Send SMTP Email activity. That way if we run into a similar issue in the future, all we have to do is change the Assets and all our automations will work.

For example if the DNS name changed to smtpserver.ourcompany.com instead of smtp.ourcompany.com we’d only have to change one Asset to fix all our automations. Or if they break the cert again (or it expires etc) we can just use the Asset to point all our automations at a specific SMTP server as a workaround until the cert is fixed.