
I can't send emails on Ubuntu server [javax.net.ssl.SSLHandshakeException]

Suddenly I can't send emails on my Ubuntu server.

It has been happening since today. It still works locally.

javax.mail.MessagingException: Could not convert socket to TLS;
nested exception is:
javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
at com.sun.mail.smtp.SMTPTransport.startTLS(SMTPTransport.java:1907)
at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:666)

JAVA:
openjdk version "11.0.11" 2021-04-20
OpenJDK Runtime Environment (build 11.0.11+9-Ubuntu-0ubuntu2.20.04)
OpenJDK 64-Bit Server VM (build 11.0.11+9-Ubuntu-0ubuntu2.20.04, mixed mode, sharing)

Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384

Yeon asked Dec 22 '22 15:12


2 Answers

It looks like your server uses TLSv1.1 or earlier, and you recently upgraded your Java to version 11.0.11. This version of Java has disabled TLSv1.0 and TLSv1.1 by default, see for example the Oracle Java 11.0.11 release notes (though AFAIK this applies to all OpenJDK-derived versions):

security-libs/javax.net.ssl
Disable TLS 1.0 and 1.1

TLS 1.0 and 1.1 are versions of the TLS protocol that are no longer considered secure and have been superseded by more secure and modern versions (TLS 1.2 and 1.3).

These versions have now been disabled by default. If you encounter issues, you can, at your own risk, re-enable the versions by removing "TLSv1" and/or "TLSv1.1" from the jdk.tls.disabledAlgorithms security property in the java.security configuration file.

I suggest that you check whether removing TLSv1.1 from the jdk.tls.disabledAlgorithms property in the java.security file fixes your problem, and if that fails, try removing TLSv1. This would be an indication that your mail server needs to be updated or configured to support more recent and more secure versions of TLS.

Mark Rotteveel answered Dec 29 '22 01:12


If you are on Ubuntu, go to

/usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security

Then find jdk.tls.disabledAlgorithms

Then remove TLSv1, TLSv1.1

Reboot the server and try to send mail again.

DEEPAK MAURYA answered Dec 29 '22 01:12
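
A diagnostic for the setting both answers refer to, as an added example that is not part of either answer: it prints the effective jdk.tls.disabledAlgorithms value of the running JVM and, for each TLS version, whether it is listed there and whether it is enabled by default. The class and method names are hypothetical.

```java
import java.security.Security;
import java.util.Arrays;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;
import javax.net.ssl.SSLContext;

// Added example: reports how the running JVM treats each TLS version.
// TlsProtocolCheck and parseDisabled are illustrative names.
public class TlsProtocolCheck {

    static final List<String> VERSIONS =
            Arrays.asList("TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3");

    // Split the comma-separated property value into trimmed entries.
    static Set<String> parseDisabled(String propertyValue) {
        Set<String> entries = new LinkedHashSet<>();
        if (propertyValue == null) {
            return entries;
        }
        for (String entry : propertyValue.split(",")) {
            String trimmed = entry.trim();
            if (!trimmed.isEmpty()) {
                entries.add(trimmed);
            }
        }
        return entries;
    }

    public static void main(String[] args) throws Exception {
        // Effective value in this JVM, after the java.security file and any
        // override passed with -Djava.security.properties have been applied.
        String raw = Security.getProperty("jdk.tls.disabledAlgorithms");
        Set<String> disabled = parseDisabled(raw);

        // Protocols enabled by default for sockets from the default SSLContext.
        Set<String> enabledByDefault = new LinkedHashSet<>(Arrays.asList(
                SSLContext.getDefault().getDefaultSSLParameters().getProtocols()));

        System.out.println("java.version = " + System.getProperty("java.version"));
        System.out.println("jdk.tls.disabledAlgorithms = " + raw);
        for (String version : VERSIONS) {
            System.out.printf("%-8s disabled=%-5b enabledByDefault=%b%n", version,
                    disabled.contains(version), enabledByDefault.contains(version));
        }
    }
}
```

Compile and run it with the same JVM and the same -D options as the application that sends the mail, since each installed JDK has its own java.security file.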