如何强制JavaMailSenderImpl使用TLS1.2? [英] How to force JavaMailSenderImpl to use TLS1.2?
问题描述
具有在Tomcat上运行的JDK7应用程序,并且确实具有以下环境设置:
Have a JDK7 app running on Tomcat and it does have the following env settings:
-Dhttps.protocols=TLSv1.1,TLSv1.2
以上设置可确保在通过HTTPS连接时我们不使用TLS 1.0
The above setting ensures that we don't use TLS 1.0 when connecting over HTTPS while making API calls etc.
我们还使用org.springframework.mail.javamail。 JavaMailSenderImpl 类发送传出SMTP电子邮件,并使用这些道具:
We also use the org.springframework.mail.javamail.JavaMailSenderImpl class to send outgoing SMTP email, and use these props:
mail.smtp.auth=false;mail.smtp.socketFactory.port=2525;mail.smtp.socketFactory.fallback=true;mail.smtp.starttls.enable=true
问题在于SMTP电子邮件服务器升级到TLS1.2时发生故障。
The problem is that the connection to the SMTP email server is failing when it's upgraded to TLS1.2.
javax.net.ssl.SSLHandshakeException:握手期间远程主机关闭连接
javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
是否存在将强制执行TLS1.2协议的设置或代码更改?
我做了一些搜索,看来这些环境设置仅适用于applet和Web客户端,不适用于服务器端应用程序
I did some searching and it looks like these env settings are only for applet and web clients, not for server side apps
-Ddeployment.security.SSLv2Hello=false -Ddeployment.security.SSLv3=false -Ddeployment.security.TLSv1=false
推荐答案
这是查找下一个家伙的方法:
This is the fix for the next guy looking:
mail.smtp.starttls.enable=true;
mail.smtp.ssl.protocols=TLSv1.2;
这篇关于如何强制JavaMailSenderImpl使用TLS1.2?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!