How to change the security type from SSL to TLS in Jenkins?

I am trying to setup the smtp email notification. I could see that the gmail part works fine. I want to configure it for my office 365.

Smtp server = smtp.office365.com

  • Jenkins - Get last completed build status
  • Integrating SourceMonitor into a Jenkins CI-System
  • Running ios-sim with Jenkins
  • Is it possible to trigger Jenkins from one specific branch only?
  • Jenkins/Hudson - How to run multiple jobs in parallel more than 1 level deep?
  • Jenkins - Promoted Builds & Git
  • We don’t have SSL configured. Instead we use TLS. How can I set the TLS in the Jenkins?
    There is only a check button which suggests to use SSL or not. If I disable it what is it going to use?

    I get the following errors –

    Failed to send out e-mail
    
    javax.mail.MessagingException: Could not connect to SMTP host: smtp.office365.com, port: 587;
      nested exception is:
        javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
        at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1934)
        at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:638)
        at javax.mail.Service.connect(Service.java:317)
        at javax.mail.Service.connect(Service.java:176)
        at javax.mail.Service.connect(Service.java:125)
        at javax.mail.Transport.send0(Transport.java:194)
        at javax.mail.Transport.send(Transport.java:124)
        at hudson.tasks.Mailer$DescriptorImpl.doSendTestMail(Mailer.java:499)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:616)
        at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:298)
        at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:161)
        at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:96)
        at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:120)
        at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53)
        at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:728)
        at org.kohsuke.stapler.Stapler.invoke(Stapler.java:858)
        at org.kohsuke.stapler.MetaClass$6.doDispatch(MetaClass.java:248)
        at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53)
        at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:728)
        at org.kohsuke.stapler.Stapler.invoke(Stapler.java:858)
        at org.kohsuke.stapler.Stapler.invoke(Stapler.java:631)
        at org.kohsuke.stapler.Stapler.service(Stapler.java:225)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
        at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:686)
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1494)
        at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:96)
        at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:88)
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
        at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:48)
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
        at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
        at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
        at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
        at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46)
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
        at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474)
        at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499)
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
        at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533)
        at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
        at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
        at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428)
        at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
        at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
        at org.eclipse.jetty.server.Server.handle(Server.java:370)
        at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489)
        at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:960)
        at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1021)
        at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865)
        at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)
        at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
        at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668)
        at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)
        at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
        at java.lang.Thread.run(Thread.java:679)
    Caused by: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
        at sun.security.ssl.InputRecord.handleUnknownRecord(InputRecord.java:542)
        at sun.security.ssl.InputRecord.read(InputRecord.java:374)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:850)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1190)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1217)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1201)
        at com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:507)
        at com.sun.mail.util.SocketFetcher.getSocket(SocketFetcher.java:238)
        at com.sun.mail.smtp.SMTPTransport.openServer(SMTPTransport.java:1900)
        ... 63 more
    

  • For the Jenkins git plugin, where is it recommended to run `git config`?
  • node labels from jenkins api
  • buildbot vs hudson/jenkins for C++ continuous integration
  • Jenkins integration with Grunt
  • How to get the current session user in Jenkins on a Groovy parameter
  • Jenkins How to find if a given slave is running a Job
  • 7 Solutions collect form web for “How to change the security type from SSL to TLS in Jenkins?”

    For Jenkins on Windows, open jenkins.xml and modify the arguments node

    -Xrs -Xmx256m -Dhudson.lifecycle=hudson.lifecycle.WindowsServiceLifecycle -Dmail.smtp.starttls.enable=true -jar “%BASE%\jenkins.war” –httpPort=8080

    Office 365 indeed requires authenticated SMTP with TLS. The SSL option in the Jenkins configuration does not help, leave it unchecked. Instead add the following system property to the Jenkins VM:

    -Dmail.smtp.starttls.enable=true
    

    For the standalone Jenkins put it in jenkins.xml from the installation folder and for Tomcat update the startup script or use tray icon on Windows.

    Then restart jenkins and you’re good to go.

    Here is what worked for me running Jenkins on CentOS. Edit /etc/sysconfig/jenkins and add the option -Dmail.smtp.starttls.enable=true to JENKINS_JAVA_OPTIONS,

    If there’s some other variable already, append -Dmail.smtp.starttls.enable=true to it, so it should be similar to the below:

    JENKINS_JAVA_OPTIONS="-Djava.awt.headless=true -Dmail.smtp.starttls.enable=true"
    

    restart Jenkins with service jenkins restart and you should be good to go

    I run Jenkins under Ubuntu Server 14.04 and I had to adapt the previous answer which addresses CentOS distribution.

    First of all, under most Linux distribution, the configuration file for Jenkins is located at /etc/default/jenkins (see this link). I use Jenkins 2.7 and I append -Dmail.smtp.starttls.enable=true to the existant setting variable JAVA_ARGS. Finally, I ended with this:

    JAVA_ARGS="-Djava.awt.headless=true -Dmail.smtp.starttls.enable=true"
    

    Thanks for the answers, I got it fixed. First of all, the JAVA supports by default only SSL. So, Jenkins Java options need to be set to enable TLS. Afterwards, start the Jenkins service. The problem of this permission issue occurs when you don’t give the System Admin e-mail address under the Jenkins location column. This doesn’t happen for gmail smtp. I guess office 365 has a high security. So, it allows only the registered user to send the emails.

    For me adding “-Dmail.smtp.starttls.enable=true” to java options didn’t work out of the box – Jenkins was trying to connect to the SMTP, but in the the logs at /var/log/maillog (CentOS 7.2) I’ve seen that the connection is established and then after some time (presumably after time out) postfix has reported “lost connection after CONNECT from {host_name}”. I have also connection through TLS. After some research I’ve decided to try different port – 587 – instead of default 465 and voila! – finally the test email was sent.

    SSL and TLS are, effectively, the same.

    Git Baby is a git and github fan, let's start git clone.