JIRA Throws 'unsupported or disabled protocol' Errors when Retrieving Mail

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community

Symptoms

JIRA is unable to retrieve mail messages from a particular mail server. Errors like the following are displayed in the atlassian-jira.log file:

2011-03-18 12:06:19,064 JiraQuartzScheduler_Worker-0 ERROR ServiceRunner    Create Issue/Comment Service for <****> [service.services.mail.MailFetcherService] Create Issue/Comment Service for <****>[10040]: Error connecting to host '****' as user '****' via protocol 'pop3s': javax.mail.MessagingException: Connect failed;
  nested exception is:
	javax.net.ssl.SSLHandshakeException: Server chose unsupported or disabled protocol: SSLv3
javax.mail.MessagingException: Connect failed;
  nested exception is:
	javax.net.ssl.SSLHandshakeException: Server chose unsupported or disabled protocol: SSLv3
	at com.sun.mail.pop3.POP3Store.protocolConnect(POP3Store.java:161)
	at javax.mail.Service.connect(Service.java:288)
	at com.atlassian.jira.service.services.mail.MailFetcherService.run(MailFetcherService.java:149)
	at com.atlassian.jira.service.JiraServiceContainerImpl.run(JiraServiceContainerImpl.java:67)
	at com.atlassian.jira.service.ServiceRunner.execute(ServiceRunner.java:48)
	at org.quartz.core.JobRunShell.run(JobRunShell.java:191)
	at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:516)
Caused by: javax.net.ssl.SSLHandshakeException: Server chose unsupported or disabled protocol: SSLv3

Cause

The javax.mail library used by JIRA to retrieve mail messages from POP and IMAP servers does not support the SSLv3 protocol.

Resolution

The easiest way to resolve this is to enable SSLv3 by adding a startup option and restarting.

  1. For pop3/s, you would add the following option:

    -Dmail.pop3s.ssl.protocols=SSLv3

  2. For imaps, you would add the following option:

    -Dmail.imaps.ssl.protocols=SSLv3

Alternately, you can:

  1. configure your mail server to allow SSLv2 or TLS, both of which are supported.
  2. allow JIRA to use the non-SSL ports when checking mail.
  3. set up an stunnel connection to the mail server, and allowing JIRA to connect to the mail server via the tunnel.
Last modified on Mar 30, 2016

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.