554 Access denied: Amazon SES no longer supports TLS 1.0 and TLS 1.1 connections. You must update your client to use TLS version 1.2 or above

Our java application is encountering this error. Not sure in which layer this has to be fixed. SSL termination happens only at the LB or webserver layer, not at the application layer. Java 11 is used inside tomcat 9.0.65. Not sure openssl version matters. It's a priority issue. Please help.

주제

사물 인터넷(IoT)자바 개발

태그

전송 계층 보안(TLS)자바 개발

언어

English

devops-stchealth

질문됨 6달 전2010회 조회

1개 답변

최신
최다 투표
가장 많은 댓글

이 답변이 도움이 되었나요?커뮤니티가 여러분의 지식을 활용할 수 있도록 정답을 찬성하세요.

Hi,

Yes, upgrade to TLS 1.2 is now enforced: see https://aws.amazon.com/blogs/security/tls-1-2-required-for-aws-endpoints/

So, you must upgrade your LB and/or webserver so that they work at this newer version of TLS. You application code should remain unchanged.

I don't know all details of your Tomcat config, but usually you enforce TLS v1.2 with -Dhttps.protocols=TLSv1.2 as a config parameter of your setenv.sh script

Best,

Didier

전문가

Didier_Durand

답변함 6달 전

554 Access denied: Amazon SES no longer supports TLS 1.0 and TLS 1.1 connections. You must update your client to use TLS version 1.2 or above

관련 콘텐츠