2017-05-18

Spring Mail error after sending the starttls argument to the SMTP server

Need help fixing an error in an application that connects to an SMTP server (a Lotus Notes server). I have already tried several suggestions on SO, but none of them worked. The application is able to connect to the SMTP server and do a handshake.
However, an error occurs after STARTTLS is started. I also commented out a line in the java.security file as suggested on the Oracle website, since we are using Java 8, but it still does not work.
I also wrote a small utility to check which SSL protocols are enabled, and SSLv3, TLS, TLSv1 and TLSv1.2 are all enabled. I can't understand why the server would want to use SSLv3 and then say that I could not convert the socket to TLS. It makes no sense.

Code snippets

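// Imports for both classes; MailProperties and FileProcessor are the application's own classes (not shown).
// Logger is the log4j 1.x Logger, as implied by the getLogger(Class) call.
import java.util.Properties;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.mail.MailException;
import org.springframework.mail.SimpleMailMessage;
import org.springframework.mail.javamail.JavaMailSender;
import org.springframework.mail.javamail.JavaMailSenderImpl;
import org.springframework.stereotype.Service;

@Service
public class ManifestEmailService {

    private static final Logger logger = Logger.getLogger(ManifestEmailService.class);

    @Autowired
    private JavaMailSender mailSender;

    public void sendManifestMail(MailProperties prop, String recipient, String msgBody) {

        logger.info("Creating Email Body");

        logger.info("Sender mail: " + prop.getSender() + " Sender Subject: " + prop.getMailSubject());

        SimpleMailMessage msg = new SimpleMailMessage();
        msg.setFrom(prop.getSender());
        msg.setTo(recipient);
        msg.setSubject("FHL");
        msg.setText(msgBody);

        try {
            logger.info("Sending mail message");
            mailSender.send(msg);
        } catch (MailException mEx) {
            logger.error("Problem sending email..." + mEx);
        }
    }
}

@Configuration
public class ManifestoConfig {

    private static final Logger logger = Logger.getLogger(ManifestoConfig.class);

    // manifestoPropPath (path to the properties file) is defined elsewhere in the application (not shown).

    @Bean
    public JavaMailSender getJavaMailSender() {
        JavaMailSenderImpl mailSender = new JavaMailSenderImpl();
        FileProcessor io = new FileProcessor();

        Properties props = io.loadManifestoProperties(manifestoPropPath);

        logger.info("Configure Mail Properties ... ");

        mailSender.setHost(props.getProperty("sender.mail.host"));
        mailSender.setPort(Integer.valueOf(props.getProperty("sender.mail.port")));
        mailSender.setUsername(props.getProperty("sender.mail.username"));
        mailSender.setPassword(props.getProperty("sender.mail.password"));

        // The same properties file also carries the mail.* JavaMail session settings.
        mailSender.setJavaMailProperties(props);

        return mailSender;
    }
}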

Properties file

[email protected] 
sender.mail.password=rubbishpassword1 
sender.mail.subject=FHL 
sender.mail.host=smtp.lotus.server.com 
sender.mail.port=25 

mail.transport.protocol=smtp 
mail.smtp.auth=true 
mail.smtp.starttls.enable=true 
mail.smtp.timeout=5000 
mail.smtp.ssl.enable=false 
mail.debug=true 

Error log

2017-05-18 11:53:27.206 INFO 4804 --- [nio-8080-exec-6] org.fhl.service.Manifes 
tEmailService  : Sending mail message 
DEBUG: getProvider() returning javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.s 
mtp.SMTPTransport,Oracle] 
DEBUG SMTP: useEhlo true, useAuth true 
DEBUG SMTP: trying to connect to host "smtp.lotus.server.com", port 25, isSSL fals 
e 
220 lotus.mail.server ESMTP Service (Lotus Domino Release 8.5.3FP6) read 
y at Thu, 18 May 2017 08:53:27 +0100 
DEBUG SMTP: connected to host "smtp.lotus.server.com", port: 25 

EHLO client_user 
250-lotus.mail.server Hello client_user ([10.210.136.6]), pleased 
to meet you 
250-TLS 
250-HELP 
250-STARTTLS 
250-DSN 
250-SIZE 52428800 
250 PIPELINING 
DEBUG SMTP: Found extension "TLS", arg "" 
DEBUG SMTP: Found extension "HELP", arg "" 
DEBUG SMTP: Found extension "STARTTLS", arg "" 
DEBUG SMTP: Found extension "DSN", arg "" 
DEBUG SMTP: Found extension "SIZE", arg "52428800" 
DEBUG SMTP: Found extension "PIPELINING", arg "" 
STARTTLS 
220 Ready to start TLS 
2017-05-18 11:53:28.236 ERROR 4804 --- [nio-8080-exec-6] org.fhl.service.Manifes 
tEmailService  : Problem sending email...org.springframework.mail.MailSendExc 
eption: Mail server connection failed; nested exception is javax.mail.MessagingE 
xception: Could not convert socket to TLS; 
    nested exception is: 
     javax.net.ssl.SSLHandshakeException: Server chose SSLv3, but that protoc 
ol version is not enabled or not supported by the client.. Failed messages: java 
x.mail.MessagingException: Could not convert socket to TLS; 
    nested exception is: 
     javax.net.ssl.SSLHandshakeException: Server chose SSLv3, but that protoc 
ol version is not enabled or not supported by the client.; message exceptions (1 
) are: 
Failed message 1: javax.mail.MessagingException: Could not convert socket to TLS 
; 
    nested exception is: 
     javax.net.ssl.SSLHandshakeException: Server chose SSLv3, but that protoc 
ol version is not enabled or not supported by the client. 

SSL logs

[DEBUG] 2017-06-07 11:27:34.171 [JavaFX Application Thread] ManifestEmailService 
- Load Mail Properties in into Javamail Session 
DEBUG: getProvider() returning javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.s 
mtp.SMTPTransport,Sun Microsystems, Inc] 
DEBUG SMTP: useEhlo true, useAuth true 
DEBUG SMTP: useEhlo true, useAuth true 
DEBUG SMTP: trying to connect to host "164.39.7.92", port 25, isSSL false 
220 lotus.mail.server ESMTP Service (Lotus Domino Release 8.5.3FP6) read 
y at Wed, 7 Jun 2017 08:27:34 +0100 
DEBUG SMTP: connected to host "smtp.lotus.server.com", port: 25 

EHLO CHOL162 
250-lotus.mail.server Hello CHOL162 ([10.210.136.21]), pleased to meet y 
ou 
250-TLS 
250-HELP 
250-STARTTLS 
250-DSN 
250-SIZE 52428800 
250 PIPELINING 
DEBUG SMTP: Found extension "TLS", arg "" 
DEBUG SMTP: Found extension "HELP", arg "" 
DEBUG SMTP: Found extension "STARTTLS", arg "" 
DEBUG SMTP: Found extension "DSN", arg "" 
DEBUG SMTP: Found extension "SIZE", arg "52428800" 
DEBUG SMTP: Found extension "PIPELINING", arg "" 
STARTTLS 
220 Ready to start TLS 
Allow unsafe renegotiation: false 
Allow legacy hello messages: true 
Is initial handshake: true 
Is secure renegotiation: false 
EHLO CHOL162 
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for T 
LSv1 
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLS 
v1 
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TL 
Sv1 
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv 
1 
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 

Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1 

Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_GCM_SHA256 
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 
%% No cached client session 
*** ClientHello, TLSv1 
RandomCookie: GMT: 1496754662 bytes = { 245, 148, 158, 245, 226, 89, 218, 187, 
38, 214, 67, 188, 66, 204, 91, 194, 210, 37, 14, 168, 255, 103, 89, 232, 246, 99 
, 61, 8 } 
Session ID: {} 
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128 
_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS 
_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WI 
TH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3D 
ES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_ 
SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_ 
DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] 
Compression Methods: { 0 } 
Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect28 
3k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1} 
Extension ec_point_formats, formats: [uncompressed] 
Extension server_name, server_name: [type=host_name (0), value=gbahelbv3.gb.tntp 
ost.com] 
*** 
JavaFX Application Thread, WRITE: TLSv1 Handshake, length = 140 
JavaFX Application Thread, READ: SSLv3 Handshake, length = 58 
*** ServerHello, SSLv3 
RandomCookie: GMT: 1499415798 bytes = { 174, 160, 140, 96, 215, 83, 21, 198, 21 
4, 57, 208, 183, 191, 65, 44, 179, 197, 159, 101, 44, 176, 53, 215, 81, 122, 49, 
174, 189 } 
Session ID: {193, 186, 187, 85, 52, 17, 137, 84, 154, 122, 240, 123, 100, 244, 
27, 22} 
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA 
Compression Method: 0 
*** 
JavaFX Application Thread, handling exception: javax.net.ssl.SSLHandshakeExcepti 
on: Server chose SSLv3, but that protocol version is not enabled or not supporte 
d by the client. 
JavaFX Application Thread, SEND TLSv1.2 ALERT: fatal, description = handshake_f 
ailure 
JavaFX Application Thread, WRITE: TLSv1.2 Alert, length = 2 
JavaFX Application Thread, called closeSocket() 
[ERROR] 2017-06-07 11:27:34.911 [JavaFX Application Thread] ManifestEmailService 
- Mail Message crap!!!javax.mail.MessagingException: Can't send command to SMTP 
host; 
    nested exception is: 
     javax.net.ssl.SSLHandshakeException: Server chose SSLv3, but that protoc 
ol version is not enabled or not supported by the client. 

Answer

0

javax.net.ssl.SSLHandshakeException: Server chose SSLv3

This means that you have connected to a server which uses an obsolete and insecure version of the SSL/TLS protocol, namely SSL 3.0. This protocol is disabled by default in Java 8 for security reasons. The best solution is to fix the broken server so that it supports newer versions of SSL/TLS. Apart from that, a server that only supports SSL 3.0 is probably not only insecure with regard to SSL/TLS but also has several other security problems. If upgrading the server is not an option, see How to enable SSL 3 in Java for how to work around this broken server by allowing the insecure SSL 3.0 protocol.

+0

You can also enable SSLv3 just for this JavaMail session by setting the [`mail.smtp.ssl.protocols`](https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary.html#mail.smtp.ssl.protocols) property. –

+0

@steffen thanks for the info, I have no control over the SMTP server, which is managed by other teams. However, there are other Java applications that connect to this SMTP server, and I copied the same configuration into my properties file, but it did not work. – dimas

+0

@Bill I did what you suggested, "mail.smtp.ssl.protocols = SSLv3", but it did not work. – dimas
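
Added example (not code from the thread or from JavaMail): a diagnostic for the situation discussed above, where a protocol named in `mail.smtp.ssl.protocols` is still refused. On Java 8 the `jdk.tls.disabledAlgorithms` security property in `java.security` takes precedence over whatever protocols the application enables, so the report cross-checks each requested protocol against that policy. The class name `TlsProtocolReport` and the default protocol list are assumptions chosen for illustration.

```java
import java.security.Security;
import java.util.Arrays;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.net.ssl.SSLContext;

// Hypothetical diagnostic class (added example, not from the thread).
public class TlsProtocolReport {

    // Extracts protocol names (e.g. "SSLv3") from a jdk.tls.disabledAlgorithms value;
    // other entries such as "RC4" or "DH keySize < 1024" are ignored.
    static Set<String> protocolsDisabledByPolicy(String policy) {
        Set<String> names = new LinkedHashSet<>();
        if (policy == null) {
            return names;
        }
        for (String entry : policy.split(",")) {
            String name = entry.trim();
            if (name.matches("(SSLv|TLSv|DTLSv)\\S*")) {
                names.add(name);
            }
        }
        return names;
    }

    public static void main(String[] args) throws Exception {
        // Protocols to check: the values you would put in mail.smtp.ssl.protocols.
        String[] requested = args.length > 0 ? args : new String[] {"SSLv3", "TLSv1", "TLSv1.2"};

        SSLContext ctx = SSLContext.getDefault();
        Set<String> supported = new LinkedHashSet<>(
                Arrays.asList(ctx.getSupportedSSLParameters().getProtocols()));
        Set<String> enabled = new LinkedHashSet<>(
                Arrays.asList(ctx.getDefaultSSLParameters().getProtocols()));
        String policy = Security.getProperty("jdk.tls.disabledAlgorithms");
        Set<String> blocked = protocolsDisabledByPolicy(policy);

        System.out.println("java.version = " + System.getProperty("java.version"));
        System.out.println("jdk.tls.disabledAlgorithms = " + policy);
        for (String p : requested) {
            boolean usable = supported.contains(p) && !blocked.contains(p);
            System.out.printf("%-8s supported=%-5b enabledByDefault=%-5b disabledByPolicy=%-5b -> %s%n",
                    p, supported.contains(p), enabled.contains(p), blocked.contains(p),
                    usable ? "can be negotiated if the application enables it"
                           : "cannot be negotiated by this JVM");
        }
    }
}
```

Run it with the same JRE and the same `java.security` file (or `-Djava.security.properties` override) as the mail application, since the result depends on that JVM's policy rather than on the JavaMail properties.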