You are viewing a plain text version of this content. The canonical link for it is here.

Posted to server-user@james.apache.org by Arnau Rebassa <ar...@gmail.com> on 2018/10/23 22:37:30 UTC

james 3.0-beta5 and TLSv1.2

Hi all,

We have a corporate application that works with 3.0-beta5. We are trying to
configure James to deliver remote emails using TLSv1.2. I have tried all
the hints I have found in internet without success.

James is being executed with java 1.8

$ java -version
java version "1.8.0_181"
Java(TM) SE Runtime Environment (build 1.8.0_181-b13)
Java HotSpot(TM) 64-Bit Server VM (build 25.181-b13, mixed mode)

I configure the java.security file in jdk1.8.0_181/jre/lib/security/ adding
the line (as most of the guides recommend):

jdk.tls.disabledAlgorithms= SSLv2Hello, SSLv3, TLSv1, TLSv1.1

James even does not send the "Client Hello”. After receiving the “Ready to
start TLS” message from the server, James sends Handshake Failure(40)
without sending any negotiation.

With
jdk.tls.disabledAlgorithms= SSLv2Hello, SSLv3,

James sends the client hello but the remote server closes the connection as
it only suports TLSv1.2.

Any ideas about where the problem is?
-- 
Arnau