Splunk Enterprise

SSL: WRONG_VERSION_NUMBER when sending email

gbennett111
New Member

Hi,

I am getting the following error when trying to send an email

command="sendemail", [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:741) while sending mail to

using the command
index=_internal | head 1 | sendemail to="my email" from="domain email" format="html" server=smtp-relay.gmail.com:587 use_ssl=1

How can I fix this error?

Thanks

0 Karma

gbennett111
New Member

Thanks Skalli,

After applying the config change and adding
[email]
sslVersions = *,-ssl2
cipherSuite = TLSv1+HIGH:TLSv1.2+HIGH:@STRENGTH

Got rid of that error, now getting
command="sendemail", [SSL: UNKNOWN_PROTOCOL] unknown protocol (_ssl.c:741)

Running the below command returns the following

sudo ./splunk/bin/splunk cmd openssl s_client -connect smtp-relay.gmail.com:587 | awk '/Protocol/ || /Cipher/ || /Verify/'
140005157344960:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:827:
New, (NONE), Cipher is (NONE)
Protocol : TLSv1.2
Cipher : 0000
Verify return code: 0 (ok)

The server has other applications successfully sending emails via the above mail server so I am missing something in the config.

0 Karma

amandeepsingh
Explorer

Try to use default port 465 not 587

0 Karma

skalliger
Motivator

Hm, this seems weird. Are you using a certificate of your own CA (or Let's Encrypt)? Can you test that certificate (validate) and check if it's in the correct format? If you cannot connect with openssl to that server, it's the certificate.

Skalli

0 Karma

gbennett111
New Member

Hi Skalli,

It's not our certificate, it's Google's certificate, and as stated we have other applications installed (Jira, Confluence) that can successfully connect and send emails via the same mail server.

I am at a loss as well as I do not know why one application is working correctly and another is not. I may have to try a different mail server and see how I go.

Thanks.

0 Karma

skalliger
Motivator

Hey,

take a look at the known issues. Search for SPL-138647, hope this helps.

Skalli

0 Karma