Geronimo Java Mail 1.6 in TomEE 8.0.5 -> TLS 1.2 / 1.3 Support?

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Geronimo Java Mail 1.6 in TomEE 8.0.5 -> TLS 1.2 / 1.3 Support?

Zowalla, Richard
Hi all,

I have updated our TomEE instances to 8.0.5 as (Geronimo) Java Mail 1.6
replaced the rather outdated (Geronimo) Java Mail 1.4 in this release.

Up to now, we were using

        <dependency>
            <groupId>com.sun.mail</groupId>
            <artifactId>jakarta.mail</artifactId>
            <version>1.6.5</version>
            <scope>provided</scope>
        </dependency>

as our mail server is configured to only support TLS 1.2 or TLS 1.3.
These protocols were not supported by Java Mail 1.4.

I recently tried to migrate to the provided Geronimo Java Mail 1.6
hoping for better protocol support, but I get java.net.SocketException
due to a javax.net.ssl.SSLHandshakeException with "Received fatal
alert: protocol_version".

The full stack trace and related debug output can be found here:
https://gist.github.com/rzo1/64c23a1d9be752eadf36cf3e1c719ffa)

The mail session is configured as follows:

<?xml version="1.0" encoding="utf-8"?>
<resources>
    <Resource id="tomee/mail/demoSMTP" type="javax.mail.Session">
        mail.debug=true
        mail.transport.protocol=smtp
        mail.smtp.starttls.enable=true
        mail.smtp.starttls.required=true
        mail.smtp.ssl.enable=false
        mail.smtp.host=mail.mail-server.com
        mail.smtp.port=587
        mail.smtp.auth=true
        mail.smtp.user=[hidden email]
        <!-- your password, and not 'mail.smtp.password' -->
        password=fancyPassword
    </Resource>
</resources>

Question:

- Does anybody have an idea how to get Geronimo Java Mail 1.6 talking
via TLS 1.2 or TLS 1.3 to our mail server?

- Is TLS 1.2 / TLS 1.3 supported in Geronimo Java Mail 1.6?

If this is the wrong list, please give me an advice which list would be
a better fit.

Thanks in advance,
Richard Z




smime.p7s (9K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Geronimo Java Mail 1.6 in TomEE 8.0.5 -> TLS 1.2 / 1.3 Support?

Jean-Louis MONTEIRO
Hey Richard,

Thanks for the detailed email.
I have contributed recently to Geronimo Mail 1.6 but to be honest I can't
answer out of my head.

Cesar also worked on it, so he might be able to help.
Other than that, I'm CC'ing Geronimo mailing list. Maybe Romain and others
can help there.

Jean-Louis

--
Jean-Louis Monteiro
http://twitter.com/jlouismonteiro
http://www.tomitribe.com


On Tue, Dec 1, 2020 at 10:55 AM Zowalla, Richard <
[hidden email]> wrote:

> Hi all,
>
> I have updated our TomEE instances to 8.0.5 as (Geronimo) Java Mail 1.6
> replaced the rather outdated (Geronimo) Java Mail 1.4 in this release.
>
> Up to now, we were using
>
>         <dependency>
>             <groupId>com.sun.mail</groupId>
>             <artifactId>jakarta.mail</artifactId>
>             <version>1.6.5</version>
>             <scope>provided</scope>
>         </dependency>
>
> as our mail server is configured to only support TLS 1.2 or TLS 1.3.
> These protocols were not supported by Java Mail 1.4.
>
> I recently tried to migrate to the provided Geronimo Java Mail 1.6
> hoping for better protocol support, but I get java.net.SocketException
> due to a javax.net.ssl.SSLHandshakeException with "Received fatal
> alert: protocol_version".
>
> The full stack trace and related debug output can be found here:
> https://gist.github.com/rzo1/64c23a1d9be752eadf36cf3e1c719ffa)
>
> The mail session is configured as follows:
>
> <?xml version="1.0" encoding="utf-8"?>
> <resources>
>     <Resource id="tomee/mail/demoSMTP" type="javax.mail.Session">
>         mail.debug=true
>         mail.transport.protocol=smtp
>         mail.smtp.starttls.enable=true
>         mail.smtp.starttls.required=true
>         mail.smtp.ssl.enable=false
>         mail.smtp.host=mail.mail-server.com
>         mail.smtp.port=587
>         mail.smtp.auth=true
>         mail.smtp.user=[hidden email]
>         <!-- your password, and not 'mail.smtp.password' -->
>         password=fancyPassword
>     </Resource>
> </resources>
>
> Question:
>
> - Does anybody have an idea how to get Geronimo Java Mail 1.6 talking
> via TLS 1.2 or TLS 1.3 to our mail server?
>
> - Is TLS 1.2 / TLS 1.3 supported in Geronimo Java Mail 1.6?
>
> If this is the wrong list, please give me an advice which list would be
> a better fit.
>
> Thanks in advance,
> Richard Z
>
>
>
>
   --
    Jean-Louis Monteiro
    http://twitter.com/jlouismonteiro
    http://www.tomitribe.com
Reply | Threaded
Open this post in threaded view
|

Re: Geronimo Java Mail 1.6 in TomEE 8.0.5 -> TLS 1.2 / 1.3 Support?

Zowalla, Richard
Hi,

thanks for the fast feedback.

I did some debugging and found that the only allowed protocol is
"TLSv1" which is hardcoded in
MailConnection.java#getConnectedTLSSocket().

Can you point me to the source code of the geronomo-javamail_1.6_mail
package in v1.0.0 ?

I would like to test, if adding other protocols would solve the issue.

I only found [1], which is an outdated GitHub Repo. [2] does not
contain Geronimo Java Mail 1.6

Best,
Richard

[1] https://github.com/apache/geronimo-javamail
[2] https://github.com/apache/geronimo-specs





Am Dienstag, den 01.12.2020, 12:16 +0100 schrieb Jean-Louis Monteiro:

> Hey Richard,
>
> Thanks for the detailed email.
> I have contributed recently to Geronimo Mail 1.6 but to be honest I
> can't
> answer out of my head.
>
> Cesar also worked on it, so he might be able to help.
> Other than that, I'm CC'ing Geronimo mailing list. Maybe Romain and
> others
> can help there.
>
> Jean-Louis
>
> --
> Jean-Louis Monteiro
> http://twitter.com/jlouismonteiro
>
> http://www.tomitribe.com
>
>
>
> On Tue, Dec 1, 2020 at 10:55 AM Zowalla, Richard <
> [hidden email]
> > wrote:
>
> > Hi all,
> >
> > I have updated our TomEE instances to 8.0.5 as (Geronimo) Java Mail
> > 1.6
> > replaced the rather outdated (Geronimo) Java Mail 1.4 in this
> > release.
> >
> > Up to now, we were using
> >
> >         <dependency>
> >             <groupId>com.sun.mail</groupId>
> >             <artifactId>jakarta.mail</artifactId>
> >             <version>1.6.5</version>
> >             <scope>provided</scope>
> >         </dependency>
> >
> > as our mail server is configured to only support TLS 1.2 or TLS
> > 1.3.
> > These protocols were not supported by Java Mail 1.4.
> >
> > I recently tried to migrate to the provided Geronimo Java Mail 1.6
> > hoping for better protocol support, but I get
> > java.net.SocketException
> > due to a javax.net.ssl.SSLHandshakeException with "Received fatal
> > alert: protocol_version".
> >
> > The full stack trace and related debug output can be found here:
> > https://gist.github.com/rzo1/64c23a1d9be752eadf36cf3e1c719ffa
> > )
> >
> > The mail session is configured as follows:
> >
> > <?xml version="1.0" encoding="utf-8"?>
> > <resources>
> >     <Resource id="tomee/mail/demoSMTP" type="javax.mail.Session">
> >         mail.debug=true
> >         mail.transport.protocol=smtp
> >         mail.smtp.starttls.enable=true
> >         mail.smtp.starttls.required=true
> >         mail.smtp.ssl.enable=false
> >         mail.smtp.host=mail.mail-server.com
> >         mail.smtp.port=587
> >         mail.smtp.auth=true
> >        
> > mail.smtp.user=[hidden email]
> >
> >         <!-- your password, and not 'mail.smtp.password' -->
> >         password=fancyPassword
> >     </Resource>
> > </resources>
> >
> > Question:
> >
> > - Does anybody have an idea how to get Geronimo Java Mail 1.6
> > talking
> > via TLS 1.2 or TLS 1.3 to our mail server?
> >
> > - Is TLS 1.2 / TLS 1.3 supported in Geronimo Java Mail 1.6?
> >
> > If this is the wrong list, please give me an advice which list
> > would be
> > a better fit.
> >
> > Thanks in advance,
> > Richard Z
> >
> >
> >
> >
--
Richard Zowalla, M.Sc.
Research Associate, PhD Student | Medical Informatics

Hochschule Heilbronn – University of Applied Sciences
Max-Planck-Str. 39
D-74081 Heilbronn
phone: +49 7131 504 6791
mail: [hidden email]
web: https://www.mi.hs-heilbronn.de/ 

smime.p7s (9K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Geronimo Java Mail 1.6 in TomEE 8.0.5 -> TLS 1.2 / 1.3 Support?

Zowalla, Richard
Hi,

as an update:

I was able to locate the SVN repository [1] and did my testing with a
related patch.

@Jean-Louis: Can you point me to documentation on how to provide a PR
for Geronimo Java Mail 1.6 ? As an alternative, I could create a SVN
patch file and send it to the Geronimo dev list?

Thanks,
Richard




[1] https://svn.apache.org/repos/asf/geronimo/javamail/trunk

Am Mittwoch, den 02.12.2020, 10:44 +0000 schrieb Zowalla, Richard:

> Hi,
>
> thanks for the fast feedback.
>
> I did some debugging and found that the only allowed protocol is
> "TLSv1" which is hardcoded in
> MailConnection.java#getConnectedTLSSocket().
>
> Can you point me to the source code of the geronomo-javamail_1.6_mail
> package in v1.0.0 ?
>
> I would like to test, if adding other protocols would solve the
> issue.
>
> I only found [1], which is an outdated GitHub Repo. [2] does not
> contain Geronimo Java Mail 1.6
>
> Best,
> Richard
>
> [1]
> https://github.com/apache/geronimo-javamail
>
> [2]
> https://github.com/apache/geronimo-specs
>
>
>
>
>
>
> Am Dienstag, den 01.12.2020, 12:16 +0100 schrieb Jean-Louis Monteiro:
> > Hey Richard,
> >
> > Thanks for the detailed email.
> > I have contributed recently to Geronimo Mail 1.6 but to be honest I
> > can't
> > answer out of my head.
> >
> > Cesar also worked on it, so he might be able to help.
> > Other than that, I'm CC'ing Geronimo mailing list. Maybe Romain and
> > others
> > can help there.
> >
> > Jean-Louis
> >
> > --
> > Jean-Louis Monteiro
> > http://twitter.com/jlouismonteiro
> >
> >
> > http://www.tomitribe.com
> >
> >
> >
> >
> > On Tue, Dec 1, 2020 at 10:55 AM Zowalla, Richard <
> > [hidden email]
> >
> > > wrote:
> > > Hi all,
> > >
> > > I have updated our TomEE instances to 8.0.5 as (Geronimo) Java
> > > Mail
> > > 1.6
> > > replaced the rather outdated (Geronimo) Java Mail 1.4 in this
> > > release.
> > >
> > > Up to now, we were using
> > >
> > >         <dependency>
> > >             <groupId>com.sun.mail</groupId>
> > >             <artifactId>jakarta.mail</artifactId>
> > >             <version>1.6.5</version>
> > >             <scope>provided</scope>
> > >         </dependency>
> > >
> > > as our mail server is configured to only support TLS 1.2 or TLS
> > > 1.3.
> > > These protocols were not supported by Java Mail 1.4.
> > >
> > > I recently tried to migrate to the provided Geronimo Java Mail
> > > 1.6
> > > hoping for better protocol support, but I get
> > > java.net.SocketException
> > > due to a javax.net.ssl.SSLHandshakeException with "Received fatal
> > > alert: protocol_version".
> > >
> > > The full stack trace and related debug output can be found here:
> > > https://gist.github.com/rzo1/64c23a1d9be752eadf36cf3e1c719ffa
> > >
> > > )
> > >
> > > The mail session is configured as follows:
> > >
> > > <?xml version="1.0" encoding="utf-8"?>
> > > <resources>
> > >     <Resource id="tomee/mail/demoSMTP" type="javax.mail.Session">
> > >         mail.debug=true
> > >         mail.transport.protocol=smtp
> > >         mail.smtp.starttls.enable=true
> > >         mail.smtp.starttls.required=true
> > >         mail.smtp.ssl.enable=false
> > >         mail.smtp.host=mail.mail-server.com
> > >         mail.smtp.port=587
> > >         mail.smtp.auth=true
> > >        
> > > mail.smtp.user=[hidden email]
> > >
> > >
> > >         <!-- your password, and not 'mail.smtp.password' -->
> > >         password=fancyPassword
> > >     </Resource>
> > > </resources>
> > >
> > > Question:
> > >
> > > - Does anybody have an idea how to get Geronimo Java Mail 1.6
> > > talking
> > > via TLS 1.2 or TLS 1.3 to our mail server?
> > >
> > > - Is TLS 1.2 / TLS 1.3 supported in Geronimo Java Mail 1.6?
> > >
> > > If this is the wrong list, please give me an advice which list
> > > would be
> > > a better fit.
> > >
> > > Thanks in advance,
> > > Richard Z
> > >
> > >
> > >
> > >
--
Richard Zowalla, M.Sc.
Research Associate, PhD Student | Medical Informatics

Hochschule Heilbronn – University of Applied Sciences
Max-Planck-Str. 39
D-74081 Heilbronn
phone: +49 7131 504 6791
mail: [hidden email]
web: https://www.mi.hs-heilbronn.de/ 

smime.p7s (9K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Geronimo Java Mail 1.6 in TomEE 8.0.5 -> TLS 1.2 / 1.3 Support?

jgallimore
> As an alternative, I could create a SVN patch file and send it to the
Geronimo dev list?

I'd suggest creating a JIRA, and attaching the patch to that. If you can
also follow up here with the JIRA, that would be fantastic.

Thanks Richard!

Jon

On Wed, Dec 2, 2020 at 11:21 AM Zowalla, Richard <
[hidden email]> wrote:

> Hi,
>
> as an update:
>
> I was able to locate the SVN repository [1] and did my testing with a
> related patch.
>
> @Jean-Louis: Can you point me to documentation on how to provide a PR
> for Geronimo Java Mail 1.6 ? As an alternative, I could create a SVN
> patch file and send it to the Geronimo dev list?
>
> Thanks,
> Richard
>
>
>
>
> [1] https://svn.apache.org/repos/asf/geronimo/javamail/trunk
>
> Am Mittwoch, den 02.12.2020, 10:44 +0000 schrieb Zowalla, Richard:
> > Hi,
> >
> > thanks for the fast feedback.
> >
> > I did some debugging and found that the only allowed protocol is
> > "TLSv1" which is hardcoded in
> > MailConnection.java#getConnectedTLSSocket().
> >
> > Can you point me to the source code of the geronomo-javamail_1.6_mail
> > package in v1.0.0 ?
> >
> > I would like to test, if adding other protocols would solve the
> > issue.
> >
> > I only found [1], which is an outdated GitHub Repo. [2] does not
> > contain Geronimo Java Mail 1.6
> >
> > Best,
> > Richard
> >
> > [1]
> > https://github.com/apache/geronimo-javamail
> >
> > [2]
> > https://github.com/apache/geronimo-specs
> >
> >
> >
> >
> >
> >
> > Am Dienstag, den 01.12.2020, 12:16 +0100 schrieb Jean-Louis Monteiro:
> > > Hey Richard,
> > >
> > > Thanks for the detailed email.
> > > I have contributed recently to Geronimo Mail 1.6 but to be honest I
> > > can't
> > > answer out of my head.
> > >
> > > Cesar also worked on it, so he might be able to help.
> > > Other than that, I'm CC'ing Geronimo mailing list. Maybe Romain and
> > > others
> > > can help there.
> > >
> > > Jean-Louis
> > >
> > > --
> > > Jean-Louis Monteiro
> > > http://twitter.com/jlouismonteiro
> > >
> > >
> > > http://www.tomitribe.com
> > >
> > >
> > >
> > >
> > > On Tue, Dec 1, 2020 at 10:55 AM Zowalla, Richard <
> > > [hidden email]
> > >
> > > > wrote:
> > > > Hi all,
> > > >
> > > > I have updated our TomEE instances to 8.0.5 as (Geronimo) Java
> > > > Mail
> > > > 1.6
> > > > replaced the rather outdated (Geronimo) Java Mail 1.4 in this
> > > > release.
> > > >
> > > > Up to now, we were using
> > > >
> > > >         <dependency>
> > > >             <groupId>com.sun.mail</groupId>
> > > >             <artifactId>jakarta.mail</artifactId>
> > > >             <version>1.6.5</version>
> > > >             <scope>provided</scope>
> > > >         </dependency>
> > > >
> > > > as our mail server is configured to only support TLS 1.2 or TLS
> > > > 1.3.
> > > > These protocols were not supported by Java Mail 1.4.
> > > >
> > > > I recently tried to migrate to the provided Geronimo Java Mail
> > > > 1.6
> > > > hoping for better protocol support, but I get
> > > > java.net.SocketException
> > > > due to a javax.net.ssl.SSLHandshakeException with "Received fatal
> > > > alert: protocol_version".
> > > >
> > > > The full stack trace and related debug output can be found here:
> > > > https://gist.github.com/rzo1/64c23a1d9be752eadf36cf3e1c719ffa
> > > >
> > > > )
> > > >
> > > > The mail session is configured as follows:
> > > >
> > > > <?xml version="1.0" encoding="utf-8"?>
> > > > <resources>
> > > >     <Resource id="tomee/mail/demoSMTP" type="javax.mail.Session">
> > > >         mail.debug=true
> > > >         mail.transport.protocol=smtp
> > > >         mail.smtp.starttls.enable=true
> > > >         mail.smtp.starttls.required=true
> > > >         mail.smtp.ssl.enable=false
> > > >         mail.smtp.host=mail.mail-server.com
> > > >         mail.smtp.port=587
> > > >         mail.smtp.auth=true
> > > >
> > > > mail.smtp.user=[hidden email]
> > > >
> > > >
> > > >         <!-- your password, and not 'mail.smtp.password' -->
> > > >         password=fancyPassword
> > > >     </Resource>
> > > > </resources>
> > > >
> > > > Question:
> > > >
> > > > - Does anybody have an idea how to get Geronimo Java Mail 1.6
> > > > talking
> > > > via TLS 1.2 or TLS 1.3 to our mail server?
> > > >
> > > > - Is TLS 1.2 / TLS 1.3 supported in Geronimo Java Mail 1.6?
> > > >
> > > > If this is the wrong list, please give me an advice which list
> > > > would be
> > > > a better fit.
> > > >
> > > > Thanks in advance,
> > > > Richard Z
> > > >
> > > >
> > > >
> > > >
> --
> Richard Zowalla, M.Sc.
> Research Associate, PhD Student | Medical Informatics
>
> Hochschule Heilbronn – University of Applied Sciences
> Max-Planck-Str. 39
> D-74081 Heilbronn
> phone: +49 7131 504 6791
> mail: [hidden email]
> web: https://www.mi.hs-heilbronn.de/
>
Reply | Threaded
Open this post in threaded view
|

Re: Geronimo Java Mail 1.6 in TomEE 8.0.5 -> TLS 1.2 / 1.3 Support?

Zowalla, Richard
Thanks for the support :) 

The JIRA is https://issues.apache.org/jira/browse/GERONIMO-6792, which includes a patch proposal as SVN diff.

Will also send a follow-up on the CCed mail on the GERONIMO dev list.

Best,
Richard


Am Mittwoch, den 02.12.2020, 11:33 +0000 schrieb Jonathan Gallimore:
As an alternative, I could create a SVN patch file and send it to the
Geronimo dev list?

I'd suggest creating a JIRA, and attaching the patch to that. If you can
also follow up here with the JIRA, that would be fantastic.

Thanks Richard!

Jon

On Wed, Dec 2, 2020 at 11:21 AM Zowalla, Richard <
[hidden email]
> wrote:

Hi,

as an update:

I was able to locate the SVN repository [1] and did my testing with a
related patch.

@Jean-Louis: Can you point me to documentation on how to provide a PR
for Geronimo Java Mail 1.6 ? As an alternative, I could create a SVN
patch file and send it to the Geronimo dev list?

Thanks,
Richard




[1] 
https://svn.apache.org/repos/asf/geronimo/javamail/trunk


Am Mittwoch, den 02.12.2020, 10:44 +0000 schrieb Zowalla, Richard:
Hi,

thanks for the fast feedback.

I did some debugging and found that the only allowed protocol is
"TLSv1" which is hardcoded in
MailConnection.java#getConnectedTLSSocket().

Can you point me to the source code of the geronomo-javamail_1.6_mail
package in v1.0.0 ?

I would like to test, if adding other protocols would solve the
issue.

I only found [1], which is an outdated GitHub Repo. [2] does not
contain Geronimo Java Mail 1.6

Best,
Richard

[1]
https://github.com/apache/geronimo-javamail


[2]
https://github.com/apache/geronimo-specs







Am Dienstag, den 01.12.2020, 12:16 +0100 schrieb Jean-Louis Monteiro:
Hey Richard,

Thanks for the detailed email.
I have contributed recently to Geronimo Mail 1.6 but to be honest I
can't
answer out of my head.

Cesar also worked on it, so he might be able to help.
Other than that, I'm CC'ing Geronimo mailing list. Maybe Romain and
others
can help there.

Jean-Louis

--
Jean-Louis Monteiro
http://twitter.com/jlouismonteiro



http://www.tomitribe.com





On Tue, Dec 1, 2020 at 10:55 AM Zowalla, Richard <
[hidden email]


wrote:
Hi all,

I have updated our TomEE instances to 8.0.5 as (Geronimo) Java
Mail
1.6
replaced the rather outdated (Geronimo) Java Mail 1.4 in this
release.

Up to now, we were using

        <dependency>
            <groupId>com.sun.mail</groupId>
            <artifactId>jakarta.mail</artifactId>
            <version>1.6.5</version>
            <scope>provided</scope>
        </dependency>

as our mail server is configured to only support TLS 1.2 or TLS
1.3.
These protocols were not supported by Java Mail 1.4.

I recently tried to migrate to the provided Geronimo Java Mail
1.6
hoping for better protocol support, but I get
java.net.SocketException
due to a javax.net.ssl.SSLHandshakeException with "Received fatal
alert: protocol_version".

The full stack trace and related debug output can be found here:
https://gist.github.com/rzo1/64c23a1d9be752eadf36cf3e1c719ffa


)

The mail session is configured as follows:

<?xml version="1.0" encoding="utf-8"?>
<resources>
    <Resource id="tomee/mail/demoSMTP" type="javax.mail.Session">
        mail.debug=true
        mail.transport.protocol=smtp
        mail.smtp.starttls.enable=true
        mail.smtp.starttls.required=true
        mail.smtp.ssl.enable=false
        mail.smtp.host=mail.mail-server.com
        mail.smtp.port=587
        mail.smtp.auth=true

[hidden email]



        <!-- your password, and not 'mail.smtp.password' -->
        password=fancyPassword
    </Resource>
</resources>

Question:

- Does anybody have an idea how to get Geronimo Java Mail 1.6
talking
via TLS 1.2 or TLS 1.3 to our mail server?

- Is TLS 1.2 / TLS 1.3 supported in Geronimo Java Mail 1.6?

If this is the wrong list, please give me an advice which list
would be
a better fit.

Thanks in advance,
Richard Z




--
Richard Zowalla, M.Sc.
Research Associate, PhD Student | Medical Informatics

Hochschule Heilbronn – University of Applied Sciences
Max-Planck-Str. 39
D-74081 Heilbronn
phone: +49 7131 504 6791
mail: 
[hidden email]

web: 
https://www.mi.hs-heilbronn.de/


-- 
Richard Zowalla, M.Sc.
Research Associate, PhD Student | Medical Informatics

Hochschule Heilbronn – University of Applied Sciences
Max-Planck-Str. 39 
D-74081 Heilbronn 
phone: +49 7131 504 6791

smime.p7s (9K) Download Attachment