Uploaded image for project: 'Bamboo'
  1. Bamboo
  2. BAM-20910

Bamboo without TLS 1.2 select option for SMTP mail server configuration

    XMLWordPrintable

Details

    • 1
    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

    Description

      Issue Summary

      Bamboo fails to communicate with SMTP servers using TLS. Reported issue:

      • com.atlassian.mail.MailException: javax.mail.MessagingException: Could not convert socket to TLS
      • javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)

      Steps to Reproduce

      1. Java 8u292+ and JDK 11.0.11+ in Bamboo 8+ - Openssl had TLS 1.0 and 1.1 disabled
      2. Navigate as Bamboo Admin to Cog >> Overview >> Mail server.
      3. Create or edit an existing configuration there and check the option "Use TLS".
      4. Define Bamboo system or e.g. build notifications (for testing).

      Expected Results

      Notifications sent out from Bamboo should be encrypted in TLS 1.2 since TLS 1.0 is well known for security vulnerabilities. 

      Actual Results

      Check or filter the emails sent from Bamboo and find them encrypted in TLS 1.0.

      Workaround

      Add the system property below:

      -Dmail.smtp.ssl.protocols=TLSv1.2
      

      Following Configuring your system properties

      Attachments

        Activity

          People

            Unassigned Unassigned
            gforster@atlassian.com Gerhard Forster (Inactive)
            Votes:
            6 Vote for this issue
            Watchers:
            11 Start watching this issue

            Dates

              Created:
              Updated: