TLS handshake failure when used with go 1.22.0

Question

TLS handshake failure when used with go 1.22.0

fosmjo opened this issue 10 months ago · 3 comments

I'm using v2.16.0 with go 1.22.0. An error occurred when I call SMTPServer.Connect(), here is the error message:

connect to smtp server: Mail Error on dialing with encryption type SSL/TLS: remote error: tls: handshake failure

It works with go 1.21.6.

Answer 1 · 2024-02-28T20:46:09.000Z

Thanks for the report, I will investigate this.

Answer 2 · 2024-02-29T02:01:24.000Z

I've solved the problem. According to go1.22 release notes, crypto/tls no longer offers cipher suites that don't support ECDHE, and our mail server only supports cipher suites that support RSA, the TLS handshake failed. One of the solutions is to add support for RSA cipher suites with the tlsrsakex=1 GODEBUG setting, another one is to add cipher suites that support RSA manually by using tls.Config.

Answer 3 · 2024-02-29T14:57:07.000Z

Perfect @fosmjo! I will pin this issue to inform other devs. Thanks for the research!