[JIRA] (JENKINS-60222) Centos 8, not working email send - TLC error

[kostyaab@gmail.com (JIRA)]

Konstantin A created an issue

Jenkins / JENKINS-60222 Centos 8, not working email send - TLC error Issue Type: Bug Assignee: Alex Earl Attachments: 2019-11-20_16-10-41.png Components: email-ext-plugin Created: 2019-11-20 09:11 Environment: Centos 8, Jenkins ver. 2.205 Priority: Minor Reporter: Konstantin A Default clean installation Centos 8 + Jenkins Sending emails not work. No way at all. I studied forums and documentation, searched in google.  I tryed    -Dmail.smtp.starttls.enable=true  and ssl-debug - mail not send. Its in log: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate) at java.base/sun.security.ssl.HandshakeContext.<init>(HandshakeContext.java:169) at java.base/sun.security.ssl.ClientHandshakeContext.<init>(ClientHandshakeContext.java:98) at java.base/sun.security.ssl.TransportContext.kickstart(TransportContext.java:216) at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:395) at com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:507) at com.sun.mail.util.SocketFetcher.getSocket(SocketFetcher.java:238) at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1900) Caused: javax.mail.MessagingException: Could not connect to SMTP host: smtp.yandex.ru, port: 465;   nested exception is: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate) at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1934) at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:638) at javax.mail.Service.connect(Service.java:317) .......... I tried to install on windows with identical mail settings - email has gone! I tryed on Ubuntu - email has gone! i tryed another variation of accounts, potrs, SSL on/off, smtp-servers - mail is not sent. I launched a sniffer (wireshark) and i see: jenkins send: STARTTLS  snmp-server answers: 220 Go ahead jenkins send TCP-FYN packen and i see web-error "protocol is disabled or cipher suites are inappropriate" I tryed another installation Centos 8 on another servers and I tried to do other Jenkins installations - everything starts, but mail does not work Please help me. Add Comment

This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f)

[kostyaab@gmail.com (JIRA)]

Konstantin A updated an issue

Jenkins / JENKINS-60222 Centos 8, not working email send - TLC error

Change By: Konstantin A

Default clean installation Centos 8 + Jenkins Sending emails not work. No way at all. I studied forums and documentation, searched in google.  I tryed

{code:java} -Dmail.smtp.starttls.enable=true  {code}

and ssl-debug - mail not send.

Its It in test- log: {code:java}

javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate) at java.base/sun.security.ssl.HandshakeContext.<init>(HandshakeContext.java:169) at java.base/sun.security.ssl.ClientHandshakeContext.<init>(ClientHandshakeContext.java:98) at java.base/sun.security.ssl.TransportContext.kickstart(TransportContext.java:216) at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:395) at com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:507) at com.sun.mail.util.SocketFetcher.getSocket(SocketFetcher.java:238) at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1900) Caused: javax.mail.MessagingException: Could not connect to SMTP host: smtp.yandex.ru, port: 465;   nested exception is: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate) at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1934) at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:638) at javax.mail.Service.connect(Service.java:317)

..........{code} It in job-log {code:java} Running as SYSTEM Building in workspace /var/lib/jenkins/workspace/test-item Checking for pre-build Executing pre-build step Checking if email needs to be generated No emails were triggered. [test-item] $ /bin/sh -xe /tmp/jenkins2305405028249091314.sh + ssh ro...@192.168.1.2 12124 Host key verification failed. Build step 'Выполнить команду shell' marked build as failure Sending e-mails to: myu...@mydomain.ru ERROR: Could not convert socket to TLS javax.mail.MessagingException: Could not convert socket to TLS;

nested exception is: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)

at com.sun.mail.smtp.SMTPTransport.startTLS(SMTPTransport.java:1880) at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:648) at javax.mail.Service.connect(Service.java:317) ...............{code} *I tried to install on windows with identical mail settings - email has gone!* *I tryed on Ubuntu - email has gone!* *i tryed another variation of accounts, potrs, SSL on/off, smtp-servers - mail is not sent.*

I launched a sniffer (wireshark) and i see:

* jenkins send: STARTTLS  * snmp-server answers: 220 Go ahead * jenkins send TCP-FYN packen and i see web-error "protocol is disabled or cipher suites are inappropriate"

I tryed another installation Centos 8 on another servers and I tried to do other Jenkins installations - everything starts, but mail does not work Please help me.

Add Comment

[kostyaab@gmail.com (JIRA)]

Konstantin A commented on JENKINS-60222

Re: Centos 8, not working email send - TLC error Centos7: same actions - everything works

Add Comment

[kostyaab@gmail.com (JIRA)]

Konstantin A updated an issue

Jenkins / JENKINS-60222

Centos 8, not working email send - TLC error

Change By: Konstantin A

Default clean installation Centos 8 + Jenkins Sending emails not work. No way at all. I studied forums and documentation, searched in google.  I tryed    {code:java} -Dmail.smtp.starttls.enable=true  {code} and ssl-debug - mail not send.

It in test-log:

*I tried to install on windows   -system with identical mail settings - email has gone!* * Centos7: same actions - everything works!* * I tryed on Ubuntu - email has gone!*

*i tryed another variation of accounts, potrs, SSL on/off, smtp-servers - mail is not sent.* I launched a sniffer (wireshark) and i see: * jenkins send: STARTTLS  * snmp-server answers: 220 Go ahead * jenkins send TCP-FYN packen and i see web-error "protocol is disabled or cipher suites are inappropriate" I tryed another installation Centos 8 on another servers and I tried to do other Jenkins installations - everything starts, but mail does not work Please help me.

Add Comment

[motoko.kusanagi@gmail.com (JIRA)]

Motoko Kusanagi commented on JENKINS-60222

Re: Centos 8, not working email send - TLC error Konstantin A I had the same issue on Centos 8 and to get past it I made the following configuration change to /etc/sysconfig/jenkins: JENKINS_JAVA_OPTIONS="-Djava.awt.headless=true -Dmail.smtp.starttls.enable=true -Dmail.smtp.ssl.protocols=TLSv1.2" followed by: sudo service jenkins restart

Add Comment

[kostyaab@gmail.com (JIRA)]

Konstantin A commented on JENKINS-60222

Re: Centos 8, not working email send - TLC error

TLS 1.0, 1.1, 1.2 disabled by default in Centos 8 https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/considerations_in_adopting_rhel_8/security_considerations-in-adopting-rhel-8#tls-v10-v11_security   it works: update-crypto-policies --set LEGACY Setting system policy to LEGACY Note: System-wide crypto policies are applied on application start-up. It is recommended to restart the system for the change of policies to fully take place.

Add Comment

[slide.o.mix@gmail.com (JIRA)]

Alex Earl closed an issue as Not A Defect

Jenkins / JENKINS-60222

Centos 8, not working email send - TLC error

Change By: Alex Earl Status: Open Closed Resolution: Not A Defect

Add Comment