如何强制JavaMailSenderImpl使用TLS1.2？ [英] How to force JavaMailSenderImpl to use TLS1.2?

问题描述

具有在Tomcat上运行的JDK7应用程序，并且确实具有以下环境设置：

Have a JDK7 app running on Tomcat and it does have the following env settings:

-Dhttps.protocols=TLSv1.1,TLSv1.2 

以上设置可确保在通过HTTPS连接时我们不使用TLS 1.0

The above setting ensures that we don't use TLS 1.0 when connecting over HTTPS while making API calls etc.

我们还使用org.springframework.mail.javamail。 JavaMailSenderImpl 类发送传出SMTP电子邮件，并使用这些道具：

We also use the org.springframework.mail.javamail.JavaMailSenderImpl class to send outgoing SMTP email, and use these props:

 mail.smtp.auth=false;mail.smtp.socketFactory.port=2525;mail.smtp.socketFactory.fallback=true;mail.smtp.starttls.enable=true

问题在于SMTP电子邮件服务器升级到TLS1.2时发生故障。

The problem is that the connection to the SMTP email server is failing when it's upgraded to TLS1.2.

javax.net.ssl.SSLHandshakeException：握手期间远程主机关闭连接

javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake

是否存在将强制执行TLS1.2协议的设置或代码更改？

我做了一些搜索，看来这些环境设置仅适用于applet和Web客户端，不适用于服务器端应用程序

I did some searching and it looks like these env settings are only for applet and web clients, not for server side apps

-Ddeployment.security.SSLv2Hello=false -Ddeployment.security.SSLv3=false -Ddeployment.security.TLSv1=false

推荐答案

这是查找下一个家伙的方法：

This is the fix for the next guy looking:

mail.smtp.starttls.enable=true;
mail.smtp.ssl.protocols=TLSv1.2;

这篇关于如何强制JavaMailSenderImpl使用TLS1.2？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！