Project

General

Profile

Annoying Error: SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello - is back

Added by User Employee over 2 years ago

Hello, Everyone.

Couple of days ago, Redmine begin receive errors from SMTP server (Redmine does not restart couple month, configurations not edit/change almost two year).

An error occurred while sending mail (SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A)

Configurations

Environment:
  Redmine version                2.5.0.stable
  Ruby version                   1.9.3-p484 (2013-11-22) [i386-mingw32]
  Rails version                  3.2.17
  Environment                    production
  Database adapter               SQLServer
SCM:
  Git                            1.9.5 

-
  email_delivery:
    delivery_method: :smtp
    smtp_settings:
     openssl_verify_mode: none
     enable_starttls_auto: true
     address: "smtp.office365.com" 
     port: 587
     domain: "smtp.office365.com" 
     authentication: :login
     user_name: "email.address@domain.com" 
     password: "passforlogin" 

All params work fine long time, but couple day ago, 20-21 october Redmine begin write to log:

Email delivery error: SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A

Couple times when I reconfigure email params and add lines:
    tls: false
    ssl: true 

Error displayed like:
Email delivery error: SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol

But situation live the same – Emails was NOT sent.
When I try to send test email from Administration -> Settings -> Email notifications, and see error:
An error occurred while sending mail (SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A)

Problem very similar to https://www.redmine.org/boards/2/topics/61576

I try to reconfigure email settings
https://www.redmine.org/projects/redmine/wiki/EmailConfiguration#Office-365-Exchange-Online
Try third party solution from
https://timonweb.com/misc/a-solution-for-an-error-occurred-while-sending-mail-ssl_connect-returned1-errno0-stateunknown-state-unknown-protocol-in-redmine-20-rails-323

But issue does not have solution at now.

Who can help to resolve issue?
Anyone know how to enable debug details for Redmine log?

Thank you.


Replies (4)

RE: Annoying Error: SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello - is back - Added by User Employee over 2 years ago

Debug proccess show extended error description:

Email delivery error: 421 4.7.66 TLS 1.0 and 1.1 are not supported. Please upgrade/update your client to support TLS 1.2.

How to upgrade Email gem for support TLS v1.2?

RE: Annoying Error: SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello - is back - Added by Pavel Rosický over 2 years ago

Why are you staying on an 8 years old Redmine version? These versions aren't secure or supported for a long time.

You should really consider an upgrade to a more recent Ruby version which is shipped with a newer OpenSSL library that does support TLS 1.2.

RE: Annoying Error: SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello - is back - Added by User Employee over 2 years ago

to Pavel Rosický

Because 8 years old Redmine version have too many integrations and customisation, which in turn do not support updates(until recently - new version while 4.2 does not support custom triggers in database).

Thank you.

RE: Annoying Error: SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello - is back - Added by User Employee about 2 years ago

Hello, Everyone.

Previous problem was fixed made changes in configurations

  email_delivery:
   delivery_method: :smtp
   smtp_settings:
    openssl_verify_mode: none
    enable_starttls_auto: true
    address: "smtp.office365.com" 
    port: 25
    domain: "smtp.office365.com" 
    authentication: :plain
    user_name: "email.address@domain.comm" 
    password: "passforlogin" 

But, after global disabling TLS 1.0 and 1.1 auth protocols(O365, yahoo, gmail etc.), problem was up to next level and now looks like:

Email delivery error: 504 5.7.4 Unrecognized authentication type [SERV0874.DEUP1.PROD.OUTLOOK.COM]

Who knows how to fix this issue?

    (1-4/4)