Hello,
yes my server can do tls 1.2 perfectly and also with the above (strong)
cipher.I did some more tests where i modify step by step my server
configuration until it works and here are my results.
Test 1:My server allows ONLY tls 1.2 and ONLY the cipher
ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Test 2:My server allows ONLY tls 1.2 and ANY cipher
Test 3:My server allows tls 1.2 and tls 1.1 and ANY cipher
Test 4:My server allows tls 1.2 and tls 1.1 and tls 1.0 and ANY cipher
My jmeter.properties is set to do tls1.2 only - but the SSL configuration is
only for the http protocol and not for smtp(s).Thus i think this does not
care.I have java jre 1.8 latest plus the oracle security "Unlimited Strength
Java Cryptography Extension Policy Files" pakage.
My jmeter test plan is very easy.
One thread one smtp sampler and one "view results in tree".The SMTP Sampler
target my mail server on port "465" and the checkbox "use ssl" is enabled and
the hook "Trust all certificates" is enabled too.There is one Subject: hello
and Email body: hello. Simple
Results:Test 1: Fail - no ssl handshakeTest 2: Fail - no ssl handshakeTest 3:
Fail - no ssl handshakeTest 4: Success: Perfectly SSL Handshake. SSL Connection
established using "TLSv1 ECDHE-ECDSA-AES256-SHA" (no client certificate checkup
<- means no mutual ssl)
OK thus it works.I can sent an email with jmeter SMTP sampler using (direct)
ssl on port 465 - but it only works if i activate tls1.0.
I do not found any jmeter configuration about "smtps".
I did some further tests wirh thunderbird 31.4 (on a linux).Here the
results.Test 1: Fails - no ssl connectionTest 2, 3 and 4: Success.
Looking on the thunderbird settings its strange but the cipher i want to use is
not available. Thus i can do tls1.2 but not with my "strong" cipher.
Br.George
Felix Schumacher <[email protected]> schrieb am 10:29
Montag, 1.Juni 2015:
Am 29.05.2015 um 13:16 schrieb George:
> Hello,
> i try to sent a "hello" email using SMTP Sampler and want to use SSL/TLS on
> standard port 465 for this connection.More i want to use TLSv1.2 with the
> very strong cipher "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"Currently the
> handshake fail.
> Technially if i change the configuration on my server to also accept TLSv1.1
> and v1.0 then the SSL connection works and the email is sent perfectly.I see
> in the logs that the client (jmeter) and my server aggreed on a cipher
> comming from TLS1.0.Thus in general SSL is working but not with TLSv1.2.
> Anyone any idea how i can use SMTP(s) with TLSv1.2 and the above cipher?I
> tried to put this in my jmeter.sh file but seems it does not matter?
> JMETER_OPTS="-Dhttps.cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"
The smtp sampler has no option to specify the wanted ciphersuites, so
the option given above will not be used.
> I also installed lates java jdk and i also installed the additional strong
> security pakage and replaced the .jar files in /usr/java/jre.../lib/security
Which jdk did you install exactly?
Have you checked (with openssl or something similar), that your
mailserver is capable of TLSv1.2?
Regards
Felix
> BrGeorge
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
