From 17ac701af2991376cc9daaf8755de7a48fe3e36c Mon Sep 17 00:00:00 2001
From: Patrick Mueller <pmuellr@gmail.com>
Date: Thu, 2 Apr 2020 16:38:31 -0400
Subject: [PATCH] [Alerting] for email action, set tls.rejectUnauthorized:
 false when secure: false

resolves https://github.com/elastic/kibana/issues/62372

See the referenced issue for background.  Eventually we will probably have to
have a separate setting for `tls.rejectUnauthorized`, not base it on the
value of the `secure` config property.  But this will likely be useful for
a number of smtp servers used by customers.
---
 .../actions/server/builtin_action_types/lib/send_email.ts    | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/x-pack/plugins/actions/server/builtin_action_types/lib/send_email.ts b/x-pack/plugins/actions/server/builtin_action_types/lib/send_email.ts
index 74eead0708545..47d7aff8022ce 100644
--- a/x-pack/plugins/actions/server/builtin_action_types/lib/send_email.ts
+++ b/x-pack/plugins/actions/server/builtin_action_types/lib/send_email.ts
@@ -65,6 +65,11 @@ export async function sendEmail(logger: Logger, options: SendEmailOptions): Prom
     transportConfig.host = host;
     transportConfig.port = port;
     transportConfig.secure = !!secure;
+    if (!transportConfig.secure) {
+      transportConfig.tls = {
+        rejectUnauthorized: false,
+      };
+    }
   }
 
   const nodemailerTransport = nodemailer.createTransport(transportConfig);