詹金斯SMTP TLS [英] Jenkins SMTP TLS
问题描述
我正在尝试将Jenkins设置为使用我们公司的SMTP服务器通过电子邮件发送构建通知.我们正在使用TLS作为端口587上的加密方法.不过,我似乎无法使电子邮件通知正常工作.
I'm trying to setup Jenkins to use our company's SMTP server to email build notifications. We are using TLS as the encryption method on port 587. I can not seem to get the email notification to work properly though.
这是我的Hudson.Tasks.Mailer.xml文件,因此您可以查看我的配置(我已经删除了SMTP身份验证用户和密码,并稍稍更改了smtpHost以防万一)
Here is my Hudson.Tasks.Mailer.xml file so you can see my config (I've removed the SMTP auth user and password and changed the smtpHost slightly just in case)
<hudson.tasks.Mailer_-DescriptorImpl>
<helpRedirect/>
<defaultSuffix></defaultSuffix>
<hudsonUrl>http://localhost:8080/</hudsonUrl>
<smtpAuthUsername></smtpAuthUsername>
<smtpAuthPassword></smtpAuthPassw$
<adminAddress></adminAddress>
<smtpHost>pod#####.outlook.com</smtpHost>
<useSsl>true</useSsl>
<smtpPort>587</smtpPort>
<charset>UTF-8</charset>
</hudson.tasks.Mailer_-DescriptorImpl>
这似乎是一个已知问题,来自 http://issues.hudson- ci.org/browse/HUDSON-2206
It looks like this is a known issue, from http://issues.hudson-ci.org/browse/HUDSON-2206
我对Apple OS(运行Jenkins的计算机)不是很熟悉,但是我认为我可以使用上述解决方法解决问题.但我不确定要在哪里放置该解决方法,因此我尝试将其放在这里: /Library/Application Support/Jenkins/jenkins-runner.sh
I am not very familiar with Apple OS (which is the machine that is running Jenkins) but I thought I could resolve the issue using the workaround mentioned. I wasn't exactly sure where to put that workaround though, so I tried putting it here: /Library/Application Support/Jenkins/jenkins-runner.sh
defaults="defaults read /Library/Preferences/org.jenkins-ci"
war=`$defaults war` || war="/Applications/Jenkins/jenkins.war"
javaArgs="-Dmail.smtp.starttls.enable=\"true\""
heapSize=`$defaults heapSize` && javaArgs="$javaArgs -Xmx${heapSize}"
permGen=`$defaults permGen` && javaArgs="$javaArgs -XX:MaxPermSize=${permGen}"
home=`$defaults JENKINS_HOME` && export JENKINS_HOME="$home"
add_to_args() {
val=`$defaults $1` && args="$args --${1}=${val}"
}
args=""
add_to_args prefix
add_to_args httpPort
add_to_args httpListenAddress
add_to_args httpsPort
add_to_args httpsListenAddress
add_to_args ajp13Port
add_to_args ajp13ListenAddress
echo "JENKINS_HOME=$JENKINS_HOME"
echo "Jenkins command line for execution"
echo /usr/bin/java $javaArgs -jar "$war" $args
exec /usr/bin/java $javaArgs -jar "$war" $args
这似乎无法解决.启动Jenkins时,我可以在控制台中看到该调用,但是当我尝试测试配置电子邮件时,出现以下错误:
That didn't appear to resolve it. I can see that call in the console when Jenkins is started up, but when I try a test configuration email I get the following error:
Failed to send out e-mail
javax.mail.MessagingException: Could not connect to SMTP host: pod#####.outlook.com, port: 587;
nested exception is:
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1934)
at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:638)
at javax.mail.Service.connect(Service.java:317)
at javax.mail.Service.connect(Service.java:176)
at javax.mail.Service.connect(Service.java:125)
at javax.mail.Transport.send0(Transport.java:194)
我还有什么可以尝试的想法?我已经尝试过将电子邮件帐户切换为使用gmail的smtp服务器,并且可以正常工作,但是如果可以的话,我宁愿使用我们的smtp服务器.
Any ideas on what else I can try? I've tried switching the email account to use gmail's smtp server and that works fine, but I'd rather have it using our smtp server if I can.
推荐答案
将SMTP端口从587更改为465为我解决了此问题:
Changing the SMTP port from 587 to 465 resolved this issue for me:
SMTP server: smtp.mandrill.com
Use SMTP Authentication: true
Use SSL: true
SMTP Port: 465
据我所知(免责声明:我绝不是哈德森/詹金斯专家) Hudson/Jenkins电子邮件插件支持SSL加密的SMTP通信-但是,此实现要求从一开始就对通信进行加密.
From what I can tell (disclaimer: I am by no means a Hudson/Jenkins expert) the Hudson/Jenkins email plugin supports SSL encrypted SMTP communication - however this implementation requires that communications are encrypted from the get go.
在端口587上连接时,另一端的服务器可能期望使用STARTTLS命令(请参见
When connecting on port 587, the server on the other end may expect a STARTTLS command (see this SSL vs TLS vs STARTTLS article). This command is sent using plain-text to 'upgrade' the connection to use SSL/TLS.
Hudson/Jenkins尝试尝试在端口587上开始协商SSL,该端口被迅速拒绝,从而导致以下错误:
Hudson/Jenkins instead attempts to start negotiating SSL on port 587, which is promptly rejected, resulting in the following error:
javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
我尝试添加建议的JAVA选项"-Dmail.smtp.starttls.enable = true"以启用TLS:
I tried adding the suggested JAVA options "-Dmail.smtp.starttls.enable=true" to enable TLS:
JENKINS_JAVA_OPTIONS="-Djava.awt.headless=true -Dmail.smtp.starttls.enable=true"
不幸的是,这并不能为我解决问题.
Unfortunately this didn't resolve the issue for me.
将端口更改为465后,SSL协商正确发生,并且通信成功.
After changing the port to 465, the SSL negotiation occurred correctly and the communication succeeded.
希望有帮助.
注意:当您为任何"SSL-465端口"或非SSL-端口587"选中使用SMTP身份验证"选项时,Jenkins电子邮件插件始终需要SMTP凭据,这些凭据通常是发件人的电子邮件凭据配置.
Note: Jenkins email plugin always needs SMTP credentials that are often sender's email credentials when you checkmark "Use SMTP Authentication" option for any "SSL - port 465" or "non SSL - port 587" configuration.
这篇关于詹金斯SMTP TLS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!