You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Brandie Nickey <BN...@astrixinc.com.INVALID> on 2024/03/11 16:34:34 UTC
Tomcat SMPT TLS1.2
Hi all,
I have a COTS webapp using Tomcat 8.0.43 and Java 1.8.0_121. I have been trying to find out where to configure outbound smtp messages to use only TLS1.2. I've found plenty of info on the https using TLS1.2 and have configured that just fine in server.xml file and in the Java tab of the tomcatw.exe file, but that doesn't seem to be applying to the emails outgoing from the webapp. Anyone have any ideas? (Also upgrading is not an option as this tomcat/java combo is the only one supported by the vendor for our webapp version).
Thank you!
Brandie
RE: Tomcat SMPT TLS1.2
Posted by Brandie Nickey <BN...@astrixinc.com.INVALID>.
Thanks so much for the guidance. Have a call with the vendor in about an hour to discuss - my fear is that the TLS 1.0 was hard coded somewhere but will take the info provided and see what they say. Cheers!
-----Original Message-----
From: Robert Turner <rt...@e-djuster.ca.INVALID>
Sent: Monday, March 11, 2024 9:42 AM
To: Tomcat Users List <us...@tomcat.apache.org>
Subject: Re: Tomcat SMPT TLS1.2
[You don't often get email from rturner@e-djuster.ca.invalid. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ]
AFAIK, there is nothing in Tomcat for SMTP. This would be part of the application you are running typically. It's possible (but not guaranteed) that the web application is using the standard Java libraries for SMTP, and as such, you may (but again not guaranteed) be able to configure some of the mail settings via Java system properties ( https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary.html
).
Best bet is to work with your application provider and their documentation / support.
Also, consider upgrading Java and Tomcat to current / supported versions as those versions are both very old and likely have many security issues that need patching.
On Mon, Mar 11, 2024 at 12:39 PM Jost Richstein <jr...@softdecc.com>
wrote:
> Hi,
>
> this is definitely not a Tomcat problem - take a look at:
>
>
> https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-s
> ummary
> .html
> <https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-
> summary.html>
>
>
> -----Ursprüngliche Nachricht-----
> Von: Brandie Nickey <BN...@astrixinc.com.INVALID>
> Gesendet: Montag, 11. März 2024 17:35
> An: users@tomcat.apache.org
> Betreff: Tomcat SMPT TLS1.2
>
> Hi all,
>
> I have a COTS webapp using Tomcat 8.0.43 and Java 1.8.0_121. I have
> been trying to find out where to configure outbound smtp messages to
> use only TLS1.2. I've found plenty of info on the https using TLS1.2
> and have configured that just fine in server.xml file and in the Java
> tab of the tomcatw.exe file, but that doesn't seem to be applying to the emails
> outgoing from the webapp. Anyone have any ideas? (Also upgrading is not
> an
> option as this tomcat/java combo is the only one supported by the
> vendor for our webapp version).
>
> Thank you!
> Brandie
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Tomcat SMPT TLS1.2
Posted by Robert Turner <rt...@e-djuster.ca.INVALID>.
You can define Java properties in one of the Tomcat files
(catalina.properties I believe), albeit it may depend on the OS /
deployment for your specific instance as some use different loaders -- the
default scripts "catalina.sh/bat" will use that file, but
some distributions load Tomcat differently.
On Mon, Mar 11, 2024 at 12:50 PM Brandie Nickey
<BN...@astrixinc.com.invalid> wrote:
> That makes sense, I did see a file in our java mail jar called
> SocketFetcher that has a line to the extent saying 'if properties not set,
> use TLS 1.0 for smtp' . My hope was to find where the heck to set the mail
> properties, but sounds like that's in another sun file.
>
> -----Original Message-----
> From: Ivano Luberti <lu...@archicoop.it.INVALID>
> Sent: Monday, March 11, 2024 9:46 AM
> To: users@tomcat.apache.org
> Subject: Re: Tomcat SMPT TLS1.2
>
> [You don't often get email from luberti@archicoop.it.invalid. Learn why
> this is important at https://aka.ms/LearnAboutSenderIdentification ]
>
> I had issues in the past connectin to mailserver using TLS and solved them
> upgrading the webapplicatio library from mail-1.4.jar to
> javax.mail-1.6.2.jar
>
> Il 11/03/2024 17:41, Robert Turner ha scritto:
> > AFAIK, there is nothing in Tomcat for SMTP. This would be part of the
> > application you are running typically. It's possible (but not
> > guaranteed) that the web application is using the standard Java
> > libraries for SMTP, and as such, you may (but again not guaranteed) be
> > able to configure some of the mail settings via Java system properties
> > (
> > https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-s
> > ummary.html
> > ).
> >
> > Best bet is to work with your application provider and their
> > documentation / support.
> >
> > Also, consider upgrading Java and Tomcat to current / supported
> > versions as those versions are both very old and likely have many
> > security issues that need patching.
> >
> >
> >
> > On Mon, Mar 11, 2024 at 12:39 PM Jost
> > Richstein<jr...@softdecc.com>
> > wrote:
> >
> >> Hi,
> >>
> >> this is definitely not a Tomcat problem - take a look at:
> >>
> >>
> >> https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-
> >> summary
> >> .html
> >> <https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package
> >> -summary.html>
> >>
> >>
> >> -----Ursprüngliche Nachricht-----
> >> Von: Brandie Nickey<BN...@astrixinc.com.INVALID>
> >> Gesendet: Montag, 11. März 2024 17:35 An:users@tomcat.apache.org
> >> Betreff: Tomcat SMPT TLS1.2
> >>
> >> Hi all,
> >>
> >> I have a COTS webapp using Tomcat 8.0.43 and Java 1.8.0_121. I have
> >> been trying to find out where to configure outbound smtp messages to
> >> use only TLS1.2. I've found plenty of info on the https using TLS1.2
> >> and have configured that just fine in server.xml file and in the Java
> >> tab of the tomcatw.exe file, but that doesn't seem to be applying to
> the emails
> >> outgoing from the webapp. Anyone have any ideas? (Also upgrading is
> not
> >> an
> >> option as this tomcat/java combo is the only one supported by the
> >> vendor for our webapp version).
> >>
> >> Thank you!
> >> Brandie
> >>
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail:users-unsubscribe@tomcat.apache.org
> >> For additional commands, e-mail:users-help@tomcat.apache.org
> >>
> >>
> --
>
> Archimede Informatica tratta i dati personali in conformità a quanto
> stabilito dal Regolamento UE n. 2016/679 (GDPR) e dal D. Lgs. 30 giugno
> 2003 n. 196
> per come modificato dal D.Lgs. 10 agosto 2018 n. 101.
> Informativa completa
> <
> http://www.archicoop.it/fileadmin/pdf/InformativaTrattamentoDatiPersonali.pdf
> >
>
> Il contenuto di questo messaggio e dei suoi eventuali allegati è
> riservato. Nel caso in cui Lei non sia il destinatario, La preghiamo di
> contattare telefonicamente o via e-mail il mittente ai recapiti sopra
> indicati e di cancellare il messaggio e gli eventuali allegati dal Suo
> sistema senza farne copia o diffonderli. Le opinioni espresse sono quelle
> dell'autore e non rappresentano necessariamente quelle della Società.
> This message and any attachment are confidential.If you are not the
> intended recipient, please telephone or email the sender and delete this
> message and any attachment from your system. If you are not the intended
> recipient you must not copy this message or attachment or disclose the
> contents to any other person. Any opinions presented are solely those of
> the author and do not necessarily represent those of the Company.
>
> dott. Ivano Mario Luberti
>
> Archimede Informatica società cooperativa a r. l.
> Via Gereschi 36, 56127 Pisa
>
> tel.: +39 050/580959 | fax: +39 050/8932061
>
> web: www.archicoop.it
> linkedin: www.linkedin.com/in/ivanoluberti
> facebook: www.facebook.com/archimedeinformaticapisa/
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
RE: Tomcat SMPT TLS1.2
Posted by Brandie Nickey <BN...@astrixinc.com.INVALID>.
That makes sense, I did see a file in our java mail jar called SocketFetcher that has a line to the extent saying 'if properties not set, use TLS 1.0 for smtp' . My hope was to find where the heck to set the mail properties, but sounds like that's in another sun file.
-----Original Message-----
From: Ivano Luberti <lu...@archicoop.it.INVALID>
Sent: Monday, March 11, 2024 9:46 AM
To: users@tomcat.apache.org
Subject: Re: Tomcat SMPT TLS1.2
[You don't often get email from luberti@archicoop.it.invalid. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ]
I had issues in the past connectin to mailserver using TLS and solved them upgrading the webapplicatio library from mail-1.4.jar to javax.mail-1.6.2.jar
Il 11/03/2024 17:41, Robert Turner ha scritto:
> AFAIK, there is nothing in Tomcat for SMTP. This would be part of the
> application you are running typically. It's possible (but not
> guaranteed) that the web application is using the standard Java
> libraries for SMTP, and as such, you may (but again not guaranteed) be
> able to configure some of the mail settings via Java system properties
> (
> https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-s
> ummary.html
> ).
>
> Best bet is to work with your application provider and their
> documentation / support.
>
> Also, consider upgrading Java and Tomcat to current / supported
> versions as those versions are both very old and likely have many
> security issues that need patching.
>
>
>
> On Mon, Mar 11, 2024 at 12:39 PM Jost
> Richstein<jr...@softdecc.com>
> wrote:
>
>> Hi,
>>
>> this is definitely not a Tomcat problem - take a look at:
>>
>>
>> https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-
>> summary
>> .html
>> <https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package
>> -summary.html>
>>
>>
>> -----Ursprüngliche Nachricht-----
>> Von: Brandie Nickey<BN...@astrixinc.com.INVALID>
>> Gesendet: Montag, 11. März 2024 17:35 An:users@tomcat.apache.org
>> Betreff: Tomcat SMPT TLS1.2
>>
>> Hi all,
>>
>> I have a COTS webapp using Tomcat 8.0.43 and Java 1.8.0_121. I have
>> been trying to find out where to configure outbound smtp messages to
>> use only TLS1.2. I've found plenty of info on the https using TLS1.2
>> and have configured that just fine in server.xml file and in the Java
>> tab of the tomcatw.exe file, but that doesn't seem to be applying to the emails
>> outgoing from the webapp. Anyone have any ideas? (Also upgrading is not
>> an
>> option as this tomcat/java combo is the only one supported by the
>> vendor for our webapp version).
>>
>> Thank you!
>> Brandie
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail:users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail:users-help@tomcat.apache.org
>>
>>
--
Archimede Informatica tratta i dati personali in conformità a quanto stabilito dal Regolamento UE n. 2016/679 (GDPR) e dal D. Lgs. 30 giugno
2003 n. 196
per come modificato dal D.Lgs. 10 agosto 2018 n. 101.
Informativa completa
<http://www.archicoop.it/fileadmin/pdf/InformativaTrattamentoDatiPersonali.pdf>
Il contenuto di questo messaggio e dei suoi eventuali allegati è riservato. Nel caso in cui Lei non sia il destinatario, La preghiamo di contattare telefonicamente o via e-mail il mittente ai recapiti sopra indicati e di cancellare il messaggio e gli eventuali allegati dal Suo sistema senza farne copia o diffonderli. Le opinioni espresse sono quelle dell'autore e non rappresentano necessariamente quelle della Società.
This message and any attachment are confidential.If you are not the intended recipient, please telephone or email the sender and delete this message and any attachment from your system. If you are not the intended recipient you must not copy this message or attachment or disclose the contents to any other person. Any opinions presented are solely those of the author and do not necessarily represent those of the Company.
dott. Ivano Mario Luberti
Archimede Informatica società cooperativa a r. l.
Via Gereschi 36, 56127 Pisa
tel.: +39 050/580959 | fax: +39 050/8932061
web: www.archicoop.it
linkedin: www.linkedin.com/in/ivanoluberti
facebook: www.facebook.com/archimedeinformaticapisa/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: AW: Tomcat SMPT TLS1.2
Posted by Ivano Luberti <lu...@archicoop.it.INVALID>.
LOL....
but to be honest we encountered the issue after moving from JDK 1.7 to
JDK 1.8 without changing the SMTP server
Il 11/03/2024 17:49, Jost Richstein ha scritto:
> Yes, of course. Mail-1.4.jar is from May 2006. I'm not even sure if TLS existed back then.
>
>
> -----Ursprüngliche Nachricht-----
> Von: Ivano Luberti<lu...@archicoop.it.INVALID>
> Gesendet: Montag, 11. März 2024 17:46
> An:users@tomcat.apache.org
> Betreff: Re: Tomcat SMPT TLS1.2
>
> I had issues in the past connectin to mailserver using TLS and solved them upgrading the webapplicatio library from mail-1.4.jar to javax.mail-1.6.2.jar
>
> Il 11/03/2024 17:41, Robert Turner ha scritto:
>> AFAIK, there is nothing in Tomcat for SMTP. This would be part of the
>> application you are running typically. It's possible (but not
>> guaranteed) that the web application is using the standard Java
>> libraries for SMTP, and as such, you may (but again not guaranteed) be
>> able to configure some of the mail settings via Java system properties
>> (
>> https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-s
>> ummary.html
>> ).
>>
>> Best bet is to work with your application provider and their
>> documentation / support.
>>
>> Also, consider upgrading Java and Tomcat to current / supported
>> versions as those versions are both very old and likely have many
>> security issues that need patching.
>>
>>
>>
>> On Mon, Mar 11, 2024 at 12:39 PM Jost
>> Richstein<jr...@softdecc.com>
>> wrote:
>>
>>> Hi,
>>>
>>> this is definitely not a Tomcat problem - take a look at:
>>>
>>>
>>> https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-
>>> summary
>>> .html
>>> <https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package
>>> -summary.html>
>>>
>>>
>>> -----Ursprüngliche Nachricht-----
>>> Von: Brandie Nickey<BN...@astrixinc.com.INVALID>
>>> Gesendet: Montag, 11. März 2024 17:35An:users@tomcat.apache.org
>>> Betreff: Tomcat SMPT TLS1.2
>>>
>>> Hi all,
>>>
>>> I have a COTS webapp using Tomcat 8.0.43 and Java 1.8.0_121. I have
>>> been trying to find out where to configure outbound smtp messages to
>>> use only TLS1.2. I've found plenty of info on the https using TLS1.2
>>> and have configured that just fine in server.xml file and in the Java
>>> tab of the tomcatw.exe file, but that doesn't seem to be applying to the emails
>>> outgoing from the webapp. Anyone have any ideas? (Also upgrading is not
>>> an
>>> option as this tomcat/java combo is the only one supported by the
>>> vendor for our webapp version).
>>>
>>> Thank you!
>>> Brandie
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe,e-mail:users-unsubscribe@tomcat.apache.org
>>> For additional commands,e-mail:users-help@tomcat.apache.org
>>>
>>>
--
Archimede Informatica tratta i dati personali in conformità a quanto
stabilito dal Regolamento UE n. 2016/679 (GDPR) e dal D. Lgs. 30 giugno
2003 n. 196
per come modificato dal D.Lgs. 10 agosto 2018 n. 101.
Informativa completa
<http://www.archicoop.it/fileadmin/pdf/InformativaTrattamentoDatiPersonali.pdf>
Il contenuto di questo messaggio e dei suoi eventuali allegati è
riservato. Nel caso in cui Lei non sia il destinatario, La preghiamo di
contattare telefonicamente o via e-mail il mittente ai recapiti sopra
indicati e di cancellare il messaggio e gli eventuali allegati dal Suo
sistema senza farne copia o diffonderli. Le opinioni espresse sono
quelle dell'autore e non rappresentano necessariamente quelle della Società.
This message and any attachment are confidential.If you are not the
intended recipient, please telephone or email the sender and delete this
message and any attachment from your system. If you are not the intended
recipient you must not copy this message or attachment or disclose the
contents to any other person. Any opinions presented are solely those of
the author and do not necessarily represent those of the Company.
dott. Ivano Mario Luberti
Archimede Informatica società cooperativa a r. l.
Via Gereschi 36, 56127 Pisa
tel.: +39 050/580959 | fax: +39 050/8932061
web: www.archicoop.it
linkedin: www.linkedin.com/in/ivanoluberti
facebook: www.facebook.com/archimedeinformaticapisa/
AW: Tomcat SMPT TLS1.2
Posted by Jost Richstein <jr...@softdecc.com>.
Yes, of course. Mail-1.4.jar is from May 2006. I'm not even sure if TLS existed back then.
-----Ursprüngliche Nachricht-----
Von: Ivano Luberti <lu...@archicoop.it.INVALID>
Gesendet: Montag, 11. März 2024 17:46
An: users@tomcat.apache.org
Betreff: Re: Tomcat SMPT TLS1.2
I had issues in the past connectin to mailserver using TLS and solved them upgrading the webapplicatio library from mail-1.4.jar to javax.mail-1.6.2.jar
Il 11/03/2024 17:41, Robert Turner ha scritto:
> AFAIK, there is nothing in Tomcat for SMTP. This would be part of the
> application you are running typically. It's possible (but not
> guaranteed) that the web application is using the standard Java
> libraries for SMTP, and as such, you may (but again not guaranteed) be
> able to configure some of the mail settings via Java system properties
> (
> https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-s
> ummary.html
> ).
>
> Best bet is to work with your application provider and their
> documentation / support.
>
> Also, consider upgrading Java and Tomcat to current / supported
> versions as those versions are both very old and likely have many
> security issues that need patching.
>
>
>
> On Mon, Mar 11, 2024 at 12:39 PM Jost
> Richstein<jr...@softdecc.com>
> wrote:
>
>> Hi,
>>
>> this is definitely not a Tomcat problem - take a look at:
>>
>>
>> https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-
>> summary
>> .html
>> <https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package
>> -summary.html>
>>
>>
>> -----Ursprüngliche Nachricht-----
>> Von: Brandie Nickey<BN...@astrixinc.com.INVALID>
>> Gesendet: Montag, 11. März 2024 17:35 An:users@tomcat.apache.org
>> Betreff: Tomcat SMPT TLS1.2
>>
>> Hi all,
>>
>> I have a COTS webapp using Tomcat 8.0.43 and Java 1.8.0_121. I have
>> been trying to find out where to configure outbound smtp messages to
>> use only TLS1.2. I've found plenty of info on the https using TLS1.2
>> and have configured that just fine in server.xml file and in the Java
>> tab of the tomcatw.exe file, but that doesn't seem to be applying to the emails
>> outgoing from the webapp. Anyone have any ideas? (Also upgrading is not
>> an
>> option as this tomcat/java combo is the only one supported by the
>> vendor for our webapp version).
>>
>> Thank you!
>> Brandie
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail:users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail:users-help@tomcat.apache.org
>>
>>
--
Archimede Informatica tratta i dati personali in conformità a quanto stabilito dal Regolamento UE n. 2016/679 (GDPR) e dal D. Lgs. 30 giugno
2003 n. 196
per come modificato dal D.Lgs. 10 agosto 2018 n. 101.
Informativa completa
<http://www.archicoop.it/fileadmin/pdf/InformativaTrattamentoDatiPersonali.pdf>
Il contenuto di questo messaggio e dei suoi eventuali allegati è riservato. Nel caso in cui Lei non sia il destinatario, La preghiamo di contattare telefonicamente o via e-mail il mittente ai recapiti sopra indicati e di cancellare il messaggio e gli eventuali allegati dal Suo sistema senza farne copia o diffonderli. Le opinioni espresse sono quelle dell'autore e non rappresentano necessariamente quelle della Società.
This message and any attachment are confidential.If you are not the intended recipient, please telephone or email the sender and delete this message and any attachment from your system. If you are not the intended recipient you must not copy this message or attachment or disclose the contents to any other person. Any opinions presented are solely those of the author and do not necessarily represent those of the Company.
dott. Ivano Mario Luberti
Archimede Informatica società cooperativa a r. l.
Via Gereschi 36, 56127 Pisa
tel.: +39 050/580959 | fax: +39 050/8932061
web: www.archicoop.it
linkedin: www.linkedin.com/in/ivanoluberti
facebook: www.facebook.com/archimedeinformaticapisa/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Tomcat SMPT TLS1.2
Posted by Ivano Luberti <lu...@archicoop.it.INVALID>.
I had issues in the past connectin to mailserver using TLS and solved
them upgrading the webapplicatio library from mail-1.4.jar to
javax.mail-1.6.2.jar
Il 11/03/2024 17:41, Robert Turner ha scritto:
> AFAIK, there is nothing in Tomcat for SMTP. This would be part of the
> application you are running typically. It's possible (but not guaranteed)
> that the web application is using the standard Java libraries for SMTP, and
> as such, you may (but again not guaranteed) be able to configure some of
> the mail settings via Java system properties (
> https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary.html
> ).
>
> Best bet is to work with your application provider and their
> documentation / support.
>
> Also, consider upgrading Java and Tomcat to current / supported versions as
> those versions are both very old and likely have many security issues that
> need patching.
>
>
>
> On Mon, Mar 11, 2024 at 12:39 PM Jost Richstein<jr...@softdecc.com>
> wrote:
>
>> Hi,
>>
>> this is definitely not a Tomcat problem - take a look at:
>>
>>
>> https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary
>> .html
>> <https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary.html>
>>
>>
>> -----Ursprüngliche Nachricht-----
>> Von: Brandie Nickey<BN...@astrixinc.com.INVALID>
>> Gesendet: Montag, 11. März 2024 17:35
>> An:users@tomcat.apache.org
>> Betreff: Tomcat SMPT TLS1.2
>>
>> Hi all,
>>
>> I have a COTS webapp using Tomcat 8.0.43 and Java 1.8.0_121. I have been
>> trying to find out where to configure outbound smtp messages to use only
>> TLS1.2. I've found plenty of info on the https using TLS1.2 and have
>> configured that just fine in server.xml file and in the Java tab of the
>> tomcatw.exe file, but that doesn't seem to be applying to the emails
>> outgoing from the webapp. Anyone have any ideas? (Also upgrading is not
>> an
>> option as this tomcat/java combo is the only one supported by the vendor
>> for
>> our webapp version).
>>
>> Thank you!
>> Brandie
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail:users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail:users-help@tomcat.apache.org
>>
>>
--
Archimede Informatica tratta i dati personali in conformità a quanto
stabilito dal Regolamento UE n. 2016/679 (GDPR) e dal D. Lgs. 30 giugno
2003 n. 196
per come modificato dal D.Lgs. 10 agosto 2018 n. 101.
Informativa completa
<http://www.archicoop.it/fileadmin/pdf/InformativaTrattamentoDatiPersonali.pdf>
Il contenuto di questo messaggio e dei suoi eventuali allegati è
riservato. Nel caso in cui Lei non sia il destinatario, La preghiamo di
contattare telefonicamente o via e-mail il mittente ai recapiti sopra
indicati e di cancellare il messaggio e gli eventuali allegati dal Suo
sistema senza farne copia o diffonderli. Le opinioni espresse sono
quelle dell'autore e non rappresentano necessariamente quelle della Società.
This message and any attachment are confidential.If you are not the
intended recipient, please telephone or email the sender and delete this
message and any attachment from your system. If you are not the intended
recipient you must not copy this message or attachment or disclose the
contents to any other person. Any opinions presented are solely those of
the author and do not necessarily represent those of the Company.
dott. Ivano Mario Luberti
Archimede Informatica società cooperativa a r. l.
Via Gereschi 36, 56127 Pisa
tel.: +39 050/580959 | fax: +39 050/8932061
web: www.archicoop.it
linkedin: www.linkedin.com/in/ivanoluberti
facebook: www.facebook.com/archimedeinformaticapisa/
Re: Tomcat SMPT TLS1.2
Posted by Robert Turner <rt...@e-djuster.ca.INVALID>.
AFAIK, there is nothing in Tomcat for SMTP. This would be part of the
application you are running typically. It's possible (but not guaranteed)
that the web application is using the standard Java libraries for SMTP, and
as such, you may (but again not guaranteed) be able to configure some of
the mail settings via Java system properties (
https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary.html
).
Best bet is to work with your application provider and their
documentation / support.
Also, consider upgrading Java and Tomcat to current / supported versions as
those versions are both very old and likely have many security issues that
need patching.
On Mon, Mar 11, 2024 at 12:39 PM Jost Richstein <jr...@softdecc.com>
wrote:
> Hi,
>
> this is definitely not a Tomcat problem - take a look at:
>
>
> https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary
> .html
> <https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary.html>
>
>
> -----Ursprüngliche Nachricht-----
> Von: Brandie Nickey <BN...@astrixinc.com.INVALID>
> Gesendet: Montag, 11. März 2024 17:35
> An: users@tomcat.apache.org
> Betreff: Tomcat SMPT TLS1.2
>
> Hi all,
>
> I have a COTS webapp using Tomcat 8.0.43 and Java 1.8.0_121. I have been
> trying to find out where to configure outbound smtp messages to use only
> TLS1.2. I've found plenty of info on the https using TLS1.2 and have
> configured that just fine in server.xml file and in the Java tab of the
> tomcatw.exe file, but that doesn't seem to be applying to the emails
> outgoing from the webapp. Anyone have any ideas? (Also upgrading is not
> an
> option as this tomcat/java combo is the only one supported by the vendor
> for
> our webapp version).
>
> Thank you!
> Brandie
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
AW: Tomcat SMPT TLS1.2
Posted by Jost Richstein <jr...@softdecc.com>.
Hi,
this is definitely not a Tomcat problem - take a look at:
https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary
.html
-----Ursprüngliche Nachricht-----
Von: Brandie Nickey <BN...@astrixinc.com.INVALID>
Gesendet: Montag, 11. März 2024 17:35
An: users@tomcat.apache.org
Betreff: Tomcat SMPT TLS1.2
Hi all,
I have a COTS webapp using Tomcat 8.0.43 and Java 1.8.0_121. I have been
trying to find out where to configure outbound smtp messages to use only
TLS1.2. I've found plenty of info on the https using TLS1.2 and have
configured that just fine in server.xml file and in the Java tab of the
tomcatw.exe file, but that doesn't seem to be applying to the emails
outgoing from the webapp. Anyone have any ideas? (Also upgrading is not an
option as this tomcat/java combo is the only one supported by the vendor for
our webapp version).
Thank you!
Brandie
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: [OT] Tomcat SMPT TLS1.2
Posted by Brandie Nickey <BN...@astrixinc.com.INVALID>.
Update! The fix was indeed to replace the out of date java mail jar (1.5) with the newest Jakarta mail jar file. Thanks everyone for the help!
Brandie
-----Original Message-----
From: Christopher Schultz <ch...@christopherschultz.net>
Sent: Monday, March 11, 2024 11:29 AM
To: users@tomcat.apache.org
Subject: Re: [OT] Tomcat SMPT TLS1.2
[You don't often get email from chris@christopherschultz.net. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ]
Brandie,
(Marking this [OT] as it's not really a Tomcat question.)
On 3/11/24 12:34, Brandie Nickey wrote:
> I have a COTS webapp using Tomcat 8.0.43 and Java 1.8.0_121. I have
> been trying to find out where to configure outbound smtp messages to
> use only TLS1.2. I've found plenty of info on the https using TLS1.2
> and have configured that just fine in server.xml file and in the Java
> tab of the tomcatw.exe file, but that doesn't seem to be applying to
> the emails outgoing from the webapp. Anyone have any ideas? (Also
> upgrading is not an option as this tomcat/java combo is the only one
> supported by the vendor for our webapp version).
Assuming that you are using JavaMail for your email, I assembled a whole lot of properties that can be fed to JavaMail when making SMTP connections and documented them here:
https://github.com/ChristopherSchultz/java-email/blob/main/src/main/resources/mail.properties
It's been a very long time since I looked at that code, but if you look at the code for Mailer.java in that project, you should be able to see how the properties are used to establish a Transport (aka connection) and Session.
Most of the properties are passed-through to Session.getDefaultInstance(Properties).
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: [OT] Tomcat SMPT TLS1.2
Posted by Christopher Schultz <ch...@christopherschultz.net>.
Brandie,
(Marking this [OT] as it's not really a Tomcat question.)
On 3/11/24 12:34, Brandie Nickey wrote:
> I have a COTS webapp using Tomcat 8.0.43 and Java 1.8.0_121. I have
> been trying to find out where to configure outbound smtp messages to
> use only TLS1.2. I've found plenty of info on the https using TLS1.2
> and have configured that just fine in server.xml file and in the Java
> tab of the tomcatw.exe file, but that doesn't seem to be applying to
> the emails outgoing from the webapp. Anyone have any ideas? (Also
> upgrading is not an option as this tomcat/java combo is the only one
> supported by the vendor for our webapp version).
Assuming that you are using JavaMail for your email, I assembled a whole
lot of properties that can be fed to JavaMail when making SMTP
connections and documented them here:
https://github.com/ChristopherSchultz/java-email/blob/main/src/main/resources/mail.properties
It's been a very long time since I looked at that code, but if you look
at the code for Mailer.java in that project, you should be able to see
how the properties are used to establish a Transport (aka connection)
and Session.
Most of the properties are passed-through to
Session.getDefaultInstance(Properties).
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org