How to ensure if orchestrator email setup which requires SMTP details are using TLS 1.2 or not?
I found this doc for set up but it did not mention any thing about security:
Disabling TLS1.0 and 1.1 may make integrations with other services over HTTP not work if those are not supporting TLS1.2 (Cyberark, ElasticSearch, StorageBuckets etc)
We can try calling the same commands from PowerShell and decrypt the traffic using wireshark to see the tls details
I am specifically looking for orchestrator email alerts which is sent from Orchestrator only when there is any alert like VM disconnected etc
We target the .NET Framework and let the machine negotiate encryption. We do not explicitly set it anywhere
I would probably opt to use nmap to scan your servers and remote services to see which Protocols and Ciphers are supported, in this case the remote SMTP server you are using. ssl-enum-ciphers NSE script — Nmap Scripting Engine documentation
If you want to explicitly restrict dated protocols and ciphers or priority, you would configure that with your OS and as @Akash_N_Jain mentioned allow the Source and Destination hosts negotiate their connection.
2 Likes
ashokkarale
Yoichi
singh_sumit
sven.wullum1
adi.mehare
ppr
sonaliaggarwal47
shahidh.aqeel.shahul
Akash_Javalekar1
Sami_Rajput