1回答
- 新しい順
- 投票が多い順
- コメントが多い順
0
Hi,
Its's great that you have the libraries at the right level but you may also need to do some (minor) changes in your application code to use it instead of previous versions.
See https://onelinerhub.com/php-swiftmailer/how-to-use-tls-1.2-with-swiftmailer. for the details.
Best,
Didier
関連するコンテンツ
- AWS公式更新しました 2年前
- AWS公式更新しました 2年前
- AWS公式更新しました 9ヶ月前
Hi,
Thanks for the suggestion but that didn't seem to work. I am monitoring TLS < 1.2 connections with TCPdump using the following command:
$ tcpdump "tcp port 587 and (tcp[((tcp[12] & 0xf0) >>2)] = 0x16) && (tcp[((tcp[12] & 0xf0) >>2)+9] = 0x03) && ( (tcp[((tcp[12] & 0xf0) >>2)+10] = 0x01) || (tcp[((tcp[12] & 0xf0) >>2)+10] = 0x02))" -X
And get this as part of the result after adding the additional config:
"0x0050: e941 7b4f a11f 3444 4f57 4e47 5244 0020 .A{O..4DOWNGRD.. 0x0060: d150 dc04 43ad 2d79 2e81 3660 4536 7213 .P..C.-y..6`E6r."
I am assuming DOWNGRD must mean reverting back to 1.1 or 1.0.
However running:
$ openssl s_client -crlf -starttls smtp -connect email-smtp.eu-west-1.amazonaws.com:587 -tls1_2
Does result in:
" ..... SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE....... "
So it appears I am able to make a connection directly...