Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Email step fails on servers with self-signed certificate even though SSL is not enabled #5584
Are you a customer of Octopus Deploy? Don't raise the issue here. Please contact our support team so we can triage your issue, making sure it's handled appropriately.
Sending emails via SMTP server that does not support TLS fails with TLS error even when it's configured to not use SSL. This used to work, but after the switch to MailKit it has started failing.
What I expected to happen
Sending emails via SMTP server that does not support TLS succeeds.
Octopus Server: 2019.5.4
Support ticket (private): https://secure.helpscout.net/conversation/857793054/44943?folderId=571729
Re-opening this ticket as we have had a number of reports that emails still fail but this time when using O365 as SMTP server
Release Note: If SMTP is configured to use SSL/TLS and initial connection using SSL fails, we try to connect using TLS instead. If SMTP is not configured to use SSL/TLS we intially try to connect using TLS but if that fails we connect using an insecure connection.
Hello, I saw in the release notes:
And we would just like some confidence that this isn't a security issue. For example, an attacker performing a MITM attack causes the connection to fail and be retried insecurely, allowing them to read the credentials on the second pass.
If you have configured your SMTP configuration to use
If you've configured your SMTP configuration to not use
I hope that helps.