使用Go / TLS发送电子邮件会导致“远程错误：握手失败”响应

We're using the Go smtp.SendMail() function to send email. If we disable that function from using TLS, we have no problems sending email to kaser.com. With using TLS, we get the following error: remote error: handshake failure.

If I run openssl s_client -connect kaser.com:25 -starttls smtp, I get the following:

CONNECTED(00000003)
depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify return:1
depth=2 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Certification Authority
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Domain Validation Secure Server CA
verify return:1
depth=0 OU = Domain Control Validated, OU = COMODO SSL Wildcard, CN = *.inmotionhosting.com
verify return:1
---
Certificate chain
 0 s:/OU=Domain Control Validated/OU=COMODO SSL Wildcard/CN=*.inmotionhosting.com
   i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
 1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
   i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
 2 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
   i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgIQPO5olnzo7AmygRYMaAwxWjANBgkqhkiG9w0BAQsFADCB
kDELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxNjA0BgNV
BAMTLUNPTU9ETyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD
QTAeFw0xNDAyMjQwMDAwMDBaFw0xNzAyMjMyMzU5NTlaMGExITAfBgNVBAsTGERv
bWFpbiBDb250cm9sIFZhbGlkYXRlZDEcMBoGA1UECxMTQ09NT0RPIFNTTCBXaWxk
Y2FyZDEeMBwGA1UEAxQVKi5pbm1vdGlvbmhvc3RpbmcuY29tMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGodB+JkHpHHJHsJx+vYmSaUQOxqP9oS6YVk
OpoqKDygz6n5PgYm11KZzhSzdD+mY8YSGQOCmDry21irojJxxEsxt2+ATwJFC9V2
4FYfwKngMDoWy0n21gopeISgo7O8TIgAP+i/HxIFm0N3ROfs5nVvp8CvBhQSakRS
x5Zh+jB5Lo6Ajmko8Z8aRqq3WQvx3CCnJ0psb+efGVsVJ4kv8nHbsqJZqyHxw0Zv
3V58S3wWMO1RORDaG+1AyYCn6192zrpWwEeaQXaxNw9B6SZLTB37ixaQoQoze8wD
Nn7JAQ2x7SrCKIHO1tyRZqZvJion01g0E/MbCOh502H323KihwIDAQABo4IB5zCC
AeMwHwYDVR0jBBgwFoAUkK9qOpRaC9iQ6hJWc99DtDoo2ucwHQYDVR0OBBYEFHuv
zpQRevgYmNy3FzxVJSVSOi+OMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAA
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBPBgNVHSAESDBGMDoGCysG
AQQBsjEBAgIHMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5j
b20vQ1BTMAgGBmeBDAECATBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8vY3JsLmNv
bW9kb2NhLmNvbS9DT01PRE9SU0FEb21haW5WYWxpZGF0aW9uU2VjdXJlU2VydmVy
Q0EuY3JsMIGFBggrBgEFBQcBAQR5MHcwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9jcnQu
Y29tb2RvY2EuY29tL0NPTU9ET1JTQURvbWFpblZhbGlkYXRpb25TZWN1cmVTZXJ2
ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTA1
BgNVHREELjAsghUqLmlubW90aW9uaG9zdGluZy5jb22CE2lubW90aW9uaG9zdGlu
Zy5jb20wDQYJKoZIhvcNAQELBQADggEBAAGSDm2jXQFgodUt5YBajGv4fUm1kVeX
wHcWnOWrYkdnzg1cdUgqQZx5evQxg/CBuxz6SKEos8ao1udFpXHcyVOqhs7vo8Vy
QjItiVX4zevtRnpqXzJ2LjlFqd5N+/ENq2pYMihJl6SvHGB/ejG5C0+DHw4RyOtc
c9OeKCfr7d/JGFSqzLidabSVboenzGBJW1aG4r2uza7J3QyxPpCsnL4sg1w2gagE
NAnHrghU50lK0Ha2NiWn4+G6PFQRiXanmPdFqqUGbMn/ZN6rK8+LIOEJ7NL8L3ED
mMh1aMqza9RY4iN8MXgxQ7da9l2rGbHf24FbdFM/qV7+FBoStQm6it8=
-----END CERTIFICATE-----
subject=/OU=Domain Control Validated/OU=COMODO SSL Wildcard/CN=*.inmotionhosting.com
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
---
No client certificate CA names sent
---
SSL handshake has read 4861 bytes and written 596 bytes
---
New, TLSv1/SSLv3, Cipher is RC4-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : RC4-SHA
    Session-ID: F532F400F99290364AECE777619E466E7C3C3086D23F77F694AEA7F86DB4A2A7
    Session-ID-ctx:
    Master-Key: BF3551E6A77A02A7AA8F0273B1478D7C17AF6404D176974F55CDC4287671FAC71C7E454224001BE15C57BE6254CE5094
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1455730440
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
250 HELP
quit

Any ideas why it doesn't like Go's TLS?

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
doutang7661 2016-02-17 18:31
关注
If you're certain that the server only accepts insecure cipher suites and can't be updated, go does have some RC4 ciphers included, but disabled.

The smtp.SendMail convenience function doesn't have a way to change the tls.Config, but it's easy to take the body of that function and use the smtp.Client manually.

You can create a tls.Config with the CipherSuites you want, and pass it to Client.StartTLS

config := &tls.Config{ ServerName: serverName, CipherSuites: []uint16{tls.TLS_RSA_WITH_RC4_128_SHA}, } // c is an smtp.Client if err = c.StartTLS(config); err != nil { return err }
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

报告相同问题？

关注问题

使用Go / TLS发送电子邮件会导致“远程错误：握手失败”响应 ssl
2016-02-17 17:56

回答 1 已采纳 If you're certain that the server only accepts insecure cipher suites and can't be updated, go doe
Golang与SQL Server的连接错误-“ TLS握手失败：无法读取握手数据包：EOF” azure ssl
2019-08-05 17:38

回答 1 已采纳 I ended up fixing this without identifying the root cause. Once I tried connecting to the VM over
远程错误：tls：使用go get拒绝访问 git github
2018-11-19 07:52

回答 2 已采纳 Fixed by "export http_proxy=*****"
【网络面试知识点汇总】：tcp && http && https && ssh && websocket && ssl && tls && openssl && openssh
2023-03-29 19:47

二进制coder的博客【网络面试知识点汇总】：tcp && http && https && ssh && websocket && ssl && tls && openssl && openssh
从PHP发送电子邮件时使用SSL / TLS php ssl
2011-10-03 14:26

回答 2 已采纳 The type of encryption you are looking for is not SSL/TSL, which is used to encrypt transmission b
如何在Go中检查错误是否为TLS握手超时 http
2017-08-21 09:11

回答 1 已采纳 Yes tlsHandshakeTimeoutError - is not exported and the only one possibility to check on this erro
Websockets服务器的SSL / TLS-Go lang ssl websocket
2017-06-06 23:45

回答 1 已采纳 I ended up obtaining the certs from: https://certbot.eff.org/#ubuntuxenial-other certbot certonly
计算机网络知识汇总（超详细整理）
2021-06-22 15:44

发光如星的博客为了准备期末考试，同时也是为了之后复习方便，特对计算机网络的知识进行了整理。本篇内容大部分是来源于我们老师上课的ppt。而我根据自己的理解，将老师的PPT整理成博文的形式以便大家复习查阅，同时对于一些不是很...
tomcat连接https 该站点使用过期的或不安全的 TLS 安全设置。 TLS 安全设置未设置为默认设置，这也可能导致此错误。 https tomcat 开发语言有问必答
2021-09-02 11:44

回答 1 已采纳你可能还没有将生成的证书加入到浏览器里面
PHPMailer- Mailer错误：SMTP connect（）失败。 https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting？ php
2017-06-28 11:24

回答 2 已采纳 You must to have installed php_openssl.dll, if you use wampserver it's pretty easy, search and app
Golang-TLS握手错误 https
2016-01-16 05:07

回答 1 已采纳 I enabled tcp keepalive and this problem got solved. I was running my VM in google compute engine
计算机网络
2023-10-05 20:30

努力学习，努力爱你！的博客计算机网络（简称网络）把许多计算机连接在一起，而互联网把许多网络连接在一起，是网络的网络。小写字母 i 开头的 internet（互联网）是通用名词，它泛指由多个计算机网络相互连接而成的网络。在这些网络之间的通信...
自v12升级以来，Azure SQL数据库错误TLS握手失败 azure
2015-12-11 15:42

回答 1 已采纳 Based on this closed issue I changed TrustServerCertificate from False to True and added this para
计算机基础01 - 计算机网络
2022-08-01 17:41

我就闷着冲冲冲的博客计算机网络
Go必知必会系列：网络安全与加密
2023-11-10 01:28

禅与计算机程序设计艺术的博客网络安全是指保障计算机网络通信、数据传输和资源共享的安全性、可用性和完整性。由于信息的快速传递和海量数据的产生，计算机网络安全已经成为人们越来越关注的问题。网络安全产品的研发必须符合相关法律法规和行业...
没有解决我的问题, 去提问

悬赏问题

¥15 前置放大电路与功率放大电路相连放大倍数出现问题
¥30 关于<main>标签页面跳转的问题
¥80 部署运行web自动化项目
¥15 腾讯云如何建立同一个项目中物模型之间的联系
¥30 VMware 云桌面水印如何添加
¥15 用ns3仿真出5G核心网网元
¥15 matlab答疑关于海上风电的爬坡事件检测
¥88 python部署量化回测异常问题
¥15 在现有系统基础上增加功能
¥15 远程桌面文档内容复制粘贴，格式会变化

使用Go / TLS发送电子邮件会导致“远程错误：握手失败”响应

1条回答 默认 最新

悬赏问题

1条回答默认最新