Hello,
I have been using eM Client for many years. Using Fruux as my calendar since now.
But recently I switched to Nextcloud for calendar and switched to my own selfhosted server.
SSL is handled by Nginx, and I had to downgrade the TLS version as well as the ciphers in order for eM Client to be able to connect to the caldav endpoint.
My SSL config is:
ssl_protocols TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
With this config, the logs show a .net error:
Authentication failed because the remote party sent a TLS alert: ProtocolVersion
With the addition of TLS 1.2, like so
ssl_protocols TLSv1.2 TLSv1.3;
The logs then show
Authentication failed because the remote party sent a TLS alert: Handshake failure
With TLS 1.2 + ECDHE-ECDSA-AES128-GCM-SHA256 it works, eM Client can connect fine.
My final config became :
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256;
This is not super good as there are now better TLS and cipher at this time.
Iām downgrading just for eM Client right now.
Client machine running eM Client is current, with Win 10 and .net 4.6.2 / 4.8 / SDK 5.0 / SDK 6.0 / Core 2.1 / Core 3.1 / Core 5.0 / Core 6.0
Any plans on implementing TLS 1.3 and the more recent ciphers?
Thanks!