Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Unable to send mails - TLS/Java error

All other services work perfectly except BITBUCKET. Recently, the mail service stopped and the log reflects below (Office 365)

 

org.springframework.mail.MailSendException: Mail server connection failed; nested exception is javax.mail.MessagingException: Could not convert socket to TLS;
nested exception is:
javax.net.ssl.SSLHandshakeException: A potential protocol version downgrade attack. Failed messages: javax.mail.MessagingException: Could not convert socket to TLS;
nested exception is:
javax.net.ssl.SSLHandshakeException: A potential protocol version downgrade attack
at org.springframework.mail.javamail.JavaMailSenderImpl.doSend(JavaMailSenderImpl.java:448)
at org.springframework.mail.javamail.JavaMailSenderImpl.send(JavaMailSenderImpl.java:361)
at org.springframework.mail.javamail.JavaMailSenderImpl.send(JavaMailSenderImpl.java:378)
at org.springframework.mail.javamail.JavaMailSenderImpl.send(JavaMailSenderImpl.java:366)
at com.atlassian.stash.internal.mail.MailServiceImpl.sendMessageSynchronously(MailServiceImpl.java:286)
at com.atlassian.stash.internal.mail.MailServiceImpl.lambda$submit$0(MailServiceImpl.java:162)
at com.atlassian.stash.internal.concurrent.StateTransferringRunnable.run(StateTransferringRunnable.java:50)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.lang.Thread.run(Unknown Source)
... 1 frame trimmed
Caused by: javax.mail.MessagingException: Could not convert socket to TLS
at com.sun.mail.smtp.SMTPTransport.startTLS(SMTPTransport.java:2064)
at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:724)
at javax.mail.Service.connect(Service.java:366)
at org.springframework.mail.javamail.JavaMailSenderImpl.connectTransport(JavaMailSenderImpl.java:518)
at org.springframework.mail.javamail.JavaMailSenderImpl.doSend(JavaMailSenderImpl.java:437)
... 11 common frames omitted
Caused by: javax.net.ssl.SSLHandshakeException: A potential protocol version downgrade attack
at sun.security.ssl.Alert.createSSLException(Unknown Source)
at sun.security.ssl.Alert.createSSLException(Unknown Source)
at sun.security.ssl.TransportContext.fatal(Unknown Source)
at sun.security.ssl.TransportContext.fatal(Unknown Source)
at sun.security.ssl.TransportContext.fatal(Unknown Source)
at sun.security.ssl.ServerHello$ServerHelloConsumer.onServerHello(Unknown Source)
at sun.security.ssl.ServerHello$ServerHelloConsumer.consume(Unknown Source)
at sun.security.ssl.SSLHandshake.consume(Unknown Source)
at sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
at sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
at sun.security.ssl.TransportContext.dispatch(Unknown Source)
at sun.security.ssl.SSLTransport.decode(Unknown Source)
at sun.security.ssl.SSLSocketImpl.decode(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:598)
at com.sun.mail.util.SocketFetcher.startTLS(SocketFetcher.java:525)
at com.sun.mail.smtp.SMTPTransport.startTLS(SMTPTransport.java:2059)
... 15 common frames omitted

 

1 answer

1 accepted

0 votes
Answer accepted
Andy Heinzer Atlassian Team Sep 25, 2020

Hi @vaday 

Sorry to hear about this problem.  I did some searching on this error and I came across this bug: BSERV-11889.  It appears that Bitbucket server, by default is not enforcing TLS 1.2, and there is a known change that has recently been implemented by Office 365 to deprecate the older 1.0 and 1.1 versions of TLS. I suspect that Bitbucket is trying to use a different version of this protocol that is not being accepted by the mail host (Office 365).

The good news is that there is a work-around you can follow in order to force Bitbucket to always connect using the 1.2 version of that protocol by editing the bitbucket.properties file:

Workaround:

  1. Add the following setting to bitbucket.properties:
    mail.crypto.protocols=TLSv1.2
    
  2. Restart Bitbucket

Try these steps and let me know if this helps.

Andy

Andy, thanks. I was trying the same but from JAVA side and it did not work. It works with above solution. Very helpful.

Like Andy Heinzer likes this
Andy Heinzer Atlassian Team Sep 28, 2020

Thanks @vaday.  If this solved your problem here, please click the Accept Answer button.  This will help to mark the question as answered, and in turn can help other users that might run across the same error.

Cheers,

Andy

Like vaday likes this

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
SERVER
VERSION
7.6.0
TAGS
Community showcase
Published in Bitbucket

Powering DevOps with Bitbucket Server & Data Center

Hi everyone, The Cloud team recently announced 12 new DevOps features that help developers ship better code, faster   ! While we’re all excited about the new improvements to Bitbucket ...

1,922 views 0 7
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you