- Newest
- Most votes
- Most comments
The issue you're facing is likely due to the fact that your log4j configuration is using an older version of the SMTP protocol that does not support TLS 1.2. The error message javax.net.ssl.SSLHandshakeException: Received fatal alert: protocol_version
suggests that the SMTP server is not able to negotiate a compatible TLS protocol with your application.
To resolve this issue, you'll need to update your log4j configuration to use a newer SMTP protocol that supports TLS 1.2. Here are the steps you can follow:
- Update the SMTP protocol configuration:
- Change the
<smtpProtocol>
element fromsmtps
tosmtp
in your log4j XML configuration. - This will use the STARTTLS protocol, which is the recommended way to connect to SMTP servers using TLS 1.2.
- Change the
Your updated log4j XML configuration should look like this:
<SMTP> <name>EmailAppender</name> <subject>[ERROR]</subject> <to>recipient</to> <from>sender</from> <smtpHost>email-smtp.us-east-1.amazonaws.com</smtpHost> <smtpPort>587</smtpPort> <ignoreExceptions>false</ignoreExceptions> <smtpUsername>username</smtpUsername> <smtpPassword>password</smtpPassword> <smtpProtocol>smtp</smtpProtocol> <HtmlLayout charset="UTF-8" locationInfo="true" /> </SMTP>
-
Verify the SMTP server configuration:
- Ensure that the SMTP server (email-smtp.us-east-1.amazonaws.com) is configured to support TLS 1.2.
- You may need to check with your SMTP service provider or AWS SES to confirm the supported TLS versions.
-
Update the Java system properties:
- In addition to the code snippet you've already added, you can also try setting the
javax.net.ssl.protocols
system property to "TLSv1.2":
- In addition to the code snippet you've already added, you can also try setting the
System.setProperty("javax.net.ssl.protocols", "TLSv1.2");
This will ensure that your application uses TLS 1.2 for all SSL/TLS connections, including the one used by the log4j SMTP appender.
- Check the Java version:
- Ensure that you're using a Java version that supports TLS 1.2 by default. Java 8 and later versions should support TLS 1.2 out of the box.
By making these changes, your log4j SMTP appender should be able to connect to the SMTP server using the TLS 1.2 protocol and successfully send emails.
If you still encounter issues, you may want to check the AWS SES documentation or reach out to AWS support for further assistance.
Relevant content
- Accepted Answerasked a year ago
- asked 5 years ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 8 months ago
It works brilliantly! Many thanks, you solved my months long issue!