Stack Overflow
Stack Overflow

Questions tagged [starttls]

STARTTLS is an extension to plain text communication protocols, which offers a way to upgrade a plain text connection to an encrypted (TLS or SSL) connection instead of using a separate port for encrypted communication.

STARTTLS is an extension to plain text communication protocols, which offers a way to upgrade a plain text connection to an encrypted (TLS or SSL) connection instead of using a separate port for encrypted communication.

STARTTLS is defined for the following protocols:

  • IMAP and POP3 - RFC 2595
  • LDAP - RFC 2830
  • NNTP - RFC 4642
  • SMTP - RFC 3207
  • XMPP - RFC 3920

Most commonly questions about StartTLS relate to SMTP or LDAP. In some cases StartTLS is the only way to connect to an LDAP directory, if the secure/SSL port has not been exposed.

See http://en.wikipedia.org/wiki/STARTTLS for more details.

232 questions
56
votes
1 answer

SMTP STARTTLS certificate negotitiation via telnet

I am trying to start tls in sendmail, but I do not know how to use certificate. Please suggest me way > telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 ESMTP Sendmail ;…
Gaurav Minocha
  • 706
  • 1
  • 5
  • 10
46
votes
3 answers

STARTTLS vs SSL/TLS

Mailclients offer both settings, the STARTTLS and SSL/TLS. What is the difference between STARTTLS and SSL/TLS?
paweloque
  • 18,466
  • 26
  • 80
  • 136
44
votes
7 answers

Postfix and OpenJDK 11: "No appropriate protocol (protocol is disabled or cipher suites are inappropriate)"

I know there are some other questions (with answers) to this topic. But none of these was helpful for me. I have a Postfix server (postfix 3.4.14 on Debian 10 (Buster)) with the following configuration (only the interesting…
Steffen
  • 2,500
  • 4
  • 31
  • 47
42
votes
1 answer

Why doesn't ldapsearch over ssl/tls work?

I am trying to use ldapsearch over a SSL/TLS connection, but it doesn't work: ldapsearch -ZZ -d 5 -b "cn=Users,dc=my,dc=server,dc=com" -s sub -D "cn=mydevice,cn=Users,dc=my,dc=server,dc=com" -h my.server.com -p 3269 -w "mypass" -x…
Qiang Xu
  • 4,353
  • 8
  • 36
  • 45
26
votes
5 answers

JavaMail smtp properties (for STARTTLS)

JavaMail specifies a bunch of properties that can be set to configure an SMTP connection. To use STARTTLS it is necessary to set the following property mail.smtp.starttls.enable=true Where do I specify the username/password to use the smtp service?…
paweloque
  • 18,466
  • 26
  • 80
  • 136
17
votes
3 answers

How do I verify a TLS SMTP certificate is valid in PHP?

To prevent man-in-the-middle attacks (a server pretending to be someone else), I would like to verify that the SMTP server I connect too over SSL has a valid SSL certificate which proves it is who I think it is. For example, after connecting to an…
Xeoncross
  • 55,620
  • 80
  • 262
  • 364
15
votes
1 answer

openssl to negotiate SSL encryption for STARTTLS

I'm using openssl to connect to an SMTP server normally (without encryption), send a STARTTLS command, negotiate the SSL encryption, and then interact with the encrypted session. This is the command I'm using (through telnet): openssl s_client…
studying algorithms
  • 525
  • 2
  • 5
  • 13
10
votes
2 answers

How to accept self-signed certificate from e-mail server via smtplib (TSL)?

My script from stmplib import SMTP con = SMTP(server, port) con.starttls() con.login(user, pass) con.quit() falls with error: python2.7/ssl.py", line 847, in do_handshake self._sslobj.do_handshake() When I run command openssl to this server it…
Serenity
  • 35,289
  • 20
  • 120
  • 115
10
votes
1 answer

Sending email from Python using STARTTLS

I want to send emails with a Python script by using Python's smtplib. The script should only send the email, if an encrypted connection to the server can be established. To encrypt the connection to port 587 I want to use STARTTLS. Using some…
user5415068
  • 203
  • 1
  • 3
  • 8
9
votes
3 answers

Upgrade Java socket to encrypted after issue starttls

I want my app to talk to the server without encryption before issuing a STARTTLS and then upgrade the socket to be encrypted after that. Can I connect to a port (E.g., 5222) and use STARTTLS to request TLS using java? If so, which Socket object…
Bijoy
  • 399
  • 2
  • 7
  • 15
9
votes
2 answers

Using tls-extra for simple smtp

I am trying to write a simple script to send a mail via my gmail account. But I am a beginner so it is not that simple. I tryed google but exept for hackage, there is no help or examples at all. The problem is that I did not find the way to use…
Sarfraz
  • 225
  • 2
  • 10
8
votes
1 answer

Login via starttls method from smtplib to old e-mail server

I use: Python 2.7.15, OpenSSL 1.1.0h (27 Mar 2018), MS Exchange 2007. My MS exchange allows to send login/pass only after STARTTLS. In python I try to connect to server like: from stmplib import SMTP conn =…
pcu
  • 1,204
  • 11
  • 27
8
votes
1 answer

Does System.Net.Mail.SmtpClient use SSL, TLS, StartTLS, or a combination?

This question has answers about negotiating the best version of TLS/SSL available with the server: Which versions of SSL/TLS does System.Net.WebRequest support? However I thought SmtpClient used regular Smtp for transport, with TLS on top - which as…
Mr. Boy
  • 60,845
  • 93
  • 320
  • 589
7
votes
1 answer

Error: connect ECONNREFUSED at exports._errnoException at TCPConnectWrap.afterConnect

I am trying to download a file using a url link but I am getting following error throw er; // Unhandled 'error' event Error: connect ECONNREFUSED at exports._errnoException (util.js:746:11) at TCPConnectWrap.afterConnect [as oncomplete]…
Labeo
  • 5,831
  • 13
  • 47
  • 77
7
votes
3 answers

Java mail without ssl - PKIX path building failed:

I am using java mail to send emails over smtp. The smtp settings given below: Properties props = new Properties(); Object put = props.put("mail.smtp.host", smtpHost); props.put("mail.smtp.user", smtpUser); …
janenz00
  • 3,315
  • 5
  • 28
  • 37
1
2 3
15 16