I have problem with my app for reading mails over IMAP.
App reads multiple imap accounts. App can connect to all servers except one that require to use TLS1.2 or TLS1.3.
I have this code:
System.out.println("SSLContext getProtocols(): " + String.join(" ", SSLContext.getDefault().getSupportedSSLParameters().getProtocols()));
Properties props = new Properties();
props.put("mail.imap.auth", "true");
props.put("mail.imap.ssl.enable", "true");
props.put("mail.imap.starttls.enable", "false");
props.put("jdk.tls.client.protocols", "TLSv1.2 TLSv1.3");
props.put("mail.imap.ssl.protocols", "TLSv1.2 TLSv1.3");
Session session = Session.getDefaultInstance(props);
Store store = session.getStore("imaps");
store.connect(mailConf.getImapServer(), mailConf.getImapServerPort(), mailConf.getImapUser(), mailConf.getImapPass());
Folder inbox = store.getFolder(mailConf.getImapMailFolder());
inbox.open(Folder.READ_ONLY);
and run app using:
java -Djdk.tls.client.protocols="TLSv1.2,TLSv1.3" \
-Ddeployment.security.SSLv2Hello=false \
-Ddeployment.security.SSLv3=false \
-Ddeployment.security.TLSv1=false \
-Ddeployment.security.TLSv1.1=false \
-Ddeployment.security.TLSv1.2=true \
-Ddeployment.security.TLSv1.3=true \
-jar myApp.jar
For IMAP server, that require TLS1.2+ I see this output:
SSLContext getProtocols(): TLSv1.3 TLSv1.2 TLSv1.1 TLSv1 SSLv3 SSLv2Hello
Jan 29 11:41:19 myhost myapp[22101]: 2020-01-29 11:41:19 ERROR e.v.MyAppApplication$$EnhancerBySpringCGLIB$$8bb5321c:68 - Imap readMail() error: Received fatal alert: protocol_version
I'm using Java 11:
# java --version
openjdk 11.0.4 2019-07-16
OpenJDK Runtime Environment (build 11.0.4+11-post-Debian-1deb10u1)
OpenJDK 64-Bit Server VM (build 11.0.4+11-post-Debian-1deb10u1, mixed mode, sharing)
What I do bad? How can I force TLS1.2+ for imap connection?
Thanks.
I find solution: upgrade Spring Boot from 2.1.1.RELEASE to 2.2.4.RELEASE.