Orchestrtor mail settings allow TLS 1.2?

How to ensure if orchestrator email setup which requires SMTP details are using TLS 1.2 or not?
I found this doc for set up but it did not mention any thing about security:

Disabling TLS1.0 and 1.1 may make integrations with other services over HTTP not work if those are not supporting TLS1.2 (Cyberark, ElasticSearch, StorageBuckets etc)

We can try calling the same commands from PowerShell and decrypt the traffic using wireshark to see the tls details

I am specifically looking for orchestrator email alerts which is sent from Orchestrator only when there is any alert like VM disconnected etc

We target the .NET Framework and let the machine negotiate encryption. We do not explicitly set it anywhere

I would probably opt to use nmap to scan your servers and remote services to see which Protocols and Ciphers are supported, in this case the remote SMTP server you are using. ssl-enum-ciphers NSE script &emdash; Nmap Scripting Engine documentation

If you want to explicitly restrict dated protocols and ciphers or priority, you would configure that with your OS and as @Akash_N_Jain mentioned allow the Source and Destination hosts negotiate their connection.

2 Likes