javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate). Failed messages: javax.mail.MessagingException: Could not convert socket to TLS;
nested exception is:
javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
在阅读了一些资料后,我发现原因是我们正在使用过时的TLSv1或TLSv1.1,应该使用v1.2或更高版本。我尝试在application.yml中添加ssl.protocols属性,值为TLSv1.2,但似乎没有起作用。以下是我的application.yml:
spring:
mail:
host: smtp.gmail.com
port: 587
username: ******@gmail.com
password: *******
protocol: smtp
tls: true
properties.mail.smtp:
auth: true
ssl.trust: smtp.gmail.com
starttls.required: true
starttls.enabled: true
ssl.protocols: TLSv1.2
以下是发送邮件的方法:
public void sendEmail(String to, String subject, String body) {
logger.info("Sending mail to : " + to);
SimpleMailMessage mail = new SimpleMailMessage();
mail.setTo(to);
mail.setSubject(subject);
mail.setText(body);
try {
javaMailSender.send(mail);
logger.info("Mail sent to " + to);
} catch (Exception e) {
logger.error("Could not send mail to " + to + ". Exception : " + e.getMessage());
}
}
我更新了JavaMailSender版本,但它没有解决问题。唯一有效的方法是从jdk.tls.disabledAlgorithms中删除TLSv1和TLSv1.1,就像此答案建议的那样,但这只是一个临时的解决方案。如何使邮件发送者使用TLSv1.2或更高版本?在application.yml中定义ssl.protocols属性的方式是否有问题?
我正在使用以下Java版本:
openjdk version "1.8.0_292"
OpenJDK Runtime Environment (AdoptOpenJDK)(build 1.8.0_292-b10)
OpenJDK 64-Bit Server VM (AdoptOpenJDK)(build 25.292-b10, mixed mode)
同时需要使用Spring Boot Starter Mail版本:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-mail</artifactId>
<version>2.5.3</version>
</dependency>