Bonjour à toutes et à tous,
J'utilise l'offre : MX PLAN
Depuis quelques jours je ne peux plus envoyer d'émail avec ma messagerie Thunderbird sur mon ordinateur sous Windows 7 . Le message d'erreur : "L’envoi du message a échoué. Le message n’a pas pu être envoyé car la connexion au serveur sortant (SMTP) « ssl0.ovh.net » a été perdue pendant la transaction. Veuillez essayer à nouveau."
J'utilise également Thunderbird pour une autre adresse de messagerie avec un autre fournisseur en l'occurrence Orange et là tout fonctionne !
Bizarre non, vous avez dit bizarre, je suis une quiche en informatique mais j'aimerai bien comprendre autour d'un verre virtuel.
Salutations les amis
L’envoi du message a échoué.
Est-ce que votre Thunderbird ou votre PC serait tellement vieux qu'il ne supporte pas TLS 1.2 ?
Je suis d'accord, mon PC est peut-être un peu vieux mais dans ce cas, ma messagerie perso avec Orange ne devrait également pas fonctionner avec Thunderbird, le problème est uniquement avec mon émail pro chez OVH !
Que faire ?
Orange ne devrait également pas fonctionner avec Thunderbird, le problème est uniquement avec mon émail pro chez OVH !
Ce que vous dites n'est pas exact.
Les deux parties doivent s'accorder pour "parler" le même langage crypté.
Si OVH décide de ne plus supporter les protocoles ancestraux et plein de vulnérabilités, il est temps de vous mettre un peu à jour...
ah satané mise à jour … c'est lié à Window 7, c'est bien cela ?
merci pour votre réponse
c'est lié à Window 7, c'est bien cela ?
Windows 7 ? je serais surpris. Vous auriez dit Windows XP que ce serait évident. Je ne peux pas vous répondre. Essayez avec port 587 et méthode: startTLS
Port 587 de ssl0.ovh.net
> ~/testssl.sh-3.0.8# ./testssl.sh -t smtp ssl0.ovh.net:587
> ###########################################################
> testssl.sh 3.0.8 from https://testssl.sh/
> (abdd51d 2022-09-28 09:19:37)
> This program is free software. Distribution and
> modification under GPLv2 permitted.
> USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
> Please file bugs @ https://testssl.sh/bugs/
> ###########################################################
> Using "OpenSSL 1.0.2-bad (1.0.2k-dev)" [~179 ciphers]
> on k3:./bin/openssl.Linux.x86_64
> (built: "Sep 1 14:03:44 2022", platform: "linux-x86_64")
> Start 2022-12-16 12:06:40 -->> 193.70.18.144:587 (ssl0.ovh.net) <<--
> rDNS (193.70.18.144): ssl0.ovh.net.
> Service set: STARTTLS via SMTP
> Testing protocols via sockets
> SSLv2 not offered (OK)
> SSLv3 likely not offered (OK), received 4xx/5xx after STARTTLS handshake, rerun with DEBUG>=2 or --ssl-native
> TLS 1 offered (deprecated)
> TLS 1.1 offered (deprecated)
> TLS 1.2 offered (OK)
> TLS 1.3 likely not offered, received 4xx/5xx after STARTTLS handshake, rerun with DEBUG>=2 or --ssl-native
> Testing cipher categories
> NULL ciphers (no encryption) not offered (OK)
> Anonymous NULL Ciphers (no authentication) not offered (OK)
> Export ciphers (w/o ADH+NULL) not offered (OK)
> LOW: 64 Bit + DES, RC[2,4] (w/o export) not offered (OK)
> Triple DES Ciphers / IDEA offered
> Obsolete CBC ciphers (AES, ARIA etc.) offered
> Strong encryption (AEAD ciphers) not offered
> Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4
> PFS is offered (OK) ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA DHE-RSA-AES256-GCM-SHA384
> DHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA
> DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA
> Elliptic curves offered: prime256v1 secp384r1 secp521r1
> DH group offered: ffdhe2048
> Testing server preferences
> Has server cipher order? yes (OK)
> Negotiated protocol TLSv1.2
> Negotiated cipher ECDHE-RSA-AES256-SHA384, 521 bit ECDH (P-521)
> Cipher order
> TLSv1: ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA AES256-SHA AES128-SHA DES-CBC3-SHA
> TLSv1.1: ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA AES256-SHA AES128-SHA DES-CBC3-SHA
> TLSv1.2: ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-SHA
> ECDHE-RSA-AES128-GCM-SHA256 AES256-SHA256 AES256-SHA DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-GCM-SHA256 AES128-SHA256
> AES128-SHA DES-CBC3-SHA AES256-GCM-SHA384
> Testing server defaults (Server Hello)
> TLS extensions (standard) "status request/#5" "renegotiation info/#65281" "extended master secret/#23"
> Session Ticket RFC 5077 hint no -- no lifetime advertised
> SSL Session ID support yes
> Session Resumption Tickets no, ID: no
> TLS clock skew +31 sec from localtime
> Signature Algorithm SHA256 with RSA
> Server key size RSA 4096 bits
> Server key usage Digital Signature, Key Encipherment
> Server extended key usage TLS Web Server Authentication, TLS Web Client Authentication
> Serial 59A2D933EDAD0FDDDB44E1E2C77BF602 (OK: length 16)
> Fingerprints SHA1 4734FEF35537BEDC36FF1FA5963EFE182110941E
> SHA256 365F06F785A11D8BC55ED40FD65C0A8F6606F1AF21F379C1D15741E65C4BFBF7
> Common Name (CN) ns0.ovh.net
> subjectAltName (SAN) ns0.ovh.net smtp.mail.ovh.net ssl0.ovh.net
> Issuer Sectigo RSA Domain Validation Secure Server CA (Sectigo Limited from GB)
> Trust (hostname) Ok via SAN (same w/o SNI)
> Chain of trust Ok
> EV cert (experimental) no
> ETS/"eTLS", visibility info not present
> Certificate Validity (UTC) 258 >= 60 days (2022-08-31 00:00 --> 2023-08-31 23:59)
> # of certificates provided 2
> Certificate Revocation List --
> OCSP URI http://ocsp.sectigo.com
> OCSP stapling offered, not revoked
> OCSP must staple extension --
> DNS CAA RR (experimental) not offered
> Certificate Transparency yes (certificate extension)
> Testing vulnerabilities
> Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension
> CCS (CVE-2014-0224) not vulnerable (OK)
> ROBOT not vulnerable (OK)
> Secure Renegotiation (RFC 5746) supported (OK)
> Secure Client-Initiated Renegotiation VULNERABLE (NOT ok), potential DoS threat
> CRIME, TLS (CVE-2012-4929) not vulnerable (OK) (not using HTTP anyway)
> POODLE, SSL (CVE-2014-3566) not vulnerable (OK), no SSLv3 support
> TLS_FALLBACK_SCSV (RFC 7507) Rerun including POODLE SSL check. Downgrade attack prevention NOT supported
> SWEET32 (CVE-2016-2183, CVE-2016-6329) VULNERABLE, uses 64 bit block ciphers
> FREAK (CVE-2015-0204) not vulnerable (OK)
> DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)
> make sure you don't use this certificate elsewhere with SSLv2 enabled services
> https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=365F06F785A11D8BC55ED40FD65C0A8F6606F1AF21F379C1D15741E65C4BFBF7
> LOGJAM (CVE-2015-4000), experimental common prime with 2048 bits detected: RFC7919/ffdhe2048 (2048 bits),
> but no DH EXPORT ciphers
> BEAST (CVE-2011-3389) TLS1: ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA AES256-SHA AES128-SHA DES-CBC3-SHA
> VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)
> LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches
> RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)
> Testing 370 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength
> Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (IANA/RFC)
> -----------------------------------------------------------------------------------------------------------------------------
> xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 384 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
> xc028 ECDHE-RSA-AES256-SHA384 ECDH 521 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
> xc014 ECDHE-RSA-AES256-SHA ECDH 521 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
> x9f DHE-RSA-AES256-GCM-SHA384 DH 2048 AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> x3d AES256-SHA256 RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA256
> x35 AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA
> xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 253 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
> xc027 ECDHE-RSA-AES128-SHA256 ECDH 521 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
> xc013 ECDHE-RSA-AES128-SHA ECDH 521 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
> x9c AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256
> x3c AES128-SHA256 RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA256
> x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
> x0a DES-CBC3-SHA RSA 3DES 168 TLS_RSA_WITH_3DES_EDE_CBC_SHA
> Running client simulations via sockets
> Android 8.1 (native) TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 384 bit ECDH (P-384)
> Android 9.0 (native) TLSv1.2 ECDHE-RSA-AES256-SHA, 384 bit ECDH (P-384)
> Android 10.0 (native) TLSv1.2 ECDHE-RSA-AES256-SHA, 384 bit ECDH (P-384)
> Android 11 (native) TLSv1.2 ECDHE-RSA-AES256-SHA, 384 bit ECDH (P-384)
> Android 12 (native) TLSv1.2 ECDHE-RSA-AES256-SHA, 384 bit ECDH (P-384)
> Java 7u25 TLSv1.0 ECDHE-RSA-AES128-SHA, 521 bit ECDH (P-521)
> Java 8u161 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
> Java 11.0.2 (OpenJDK) TLSv1.2 ECDHE-RSA-AES256-SHA384, 521 bit ECDH (P-521)
> Java 17.0.3 (OpenJDK) TLSv1.2 ECDHE-RSA-AES256-SHA384, 521 bit ECDH (P-521)
> go 1.17.8 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 384 bit ECDH (P-384)
> LibreSSL 2.8.3 (Apple) TLSv1.2 ECDHE-RSA-AES256-SHA384, 384 bit ECDH (P-384)
> OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
> OpenSSL 1.1.0l (Debian) TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 384 bit ECDH (P-384)
> OpenSSL 1.1.1d (Debian) TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 253 bit ECDH (X25519)
> OpenSSL 3.0.3 (git) TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 384 bit ECDH (P-384)
> Apple Mail (16.0) TLSv1.2 ECDHE-RSA-AES256-SHA384, 521 bit ECDH (P-521)
> Thunderbird (91.9) TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 253 bit ECDH (X25519)
> Done 2022-12-16 12:09:13 [ 161s] -->> 193.70.18.144:587 (ssl0.ovh.net) <<--
Port 465 (avec SSL, mais pas TLS)
> ~/testssl.sh-3.0.8# ./testssl.sh ssl0.ovh.net:465
> ###########################################################
> testssl.sh 3.0.8 from https://testssl.sh/
> (abdd51d 2022-09-28 09:19:37)
> This program is free software. Distribution and
> modification under GPLv2 permitted.
> USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
> Please file bugs @ https://testssl.sh/bugs/
> ###########################################################
> Using "OpenSSL 1.0.2-bad (1.0.2k-dev)" [~179 ciphers]
> on k3:./bin/openssl.Linux.x86_64
> (built: "Sep 1 14:03:44 2022", platform: "linux-x86_64")
> Start 2022-12-16 12:11:47 -->> 193.70.18.144:465 (ssl0.ovh.net) <<--
> rDNS (193.70.18.144): ssl0.ovh.net.
> Service detected: Couldn't determine what's running on port 465, assuming no HTTP service => skipping all HTTP checks
> Testing protocols via sockets except NPN+ALPN
> SSLv2 not offered (OK)
> SSLv3 not offered (OK)
> TLS 1 offered (deprecated)
> TLS 1.1 offered (deprecated)
> TLS 1.2 offered (OK)
> TLS 1.3 not offered and downgraded to a weaker protocol
> NPN/SPDY not offered
> ALPN/HTTP2 not offered
> Testing cipher categories
> NULL ciphers (no encryption) not offered (OK)
> Anonymous NULL Ciphers (no authentication) not offered (OK)
> Export ciphers (w/o ADH+NULL) not offered (OK)
> LOW: 64 Bit + DES, RC[2,4] (w/o export) not offered (OK)
> Triple DES Ciphers / IDEA offered
> Obsolete CBC ciphers (AES, ARIA etc.) offered
> Strong encryption (AEAD ciphers) not offered
> Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4
> PFS is offered (OK) ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA256
> ECDHE-RSA-AES128-SHA
> Elliptic curves offered: prime256v1 secp384r1 secp521r1
> Testing server preferences
> Has server cipher order? no (NOT ok)
> Negotiated protocol TLSv1.2
> Negotiated cipher ECDHE-RSA-AES256-SHA384, 521 bit ECDH (P-521) (limited sense as client will pick)
> Negotiated cipher per proto (limited sense as client will pick)
> ECDHE-RSA-AES256-SHA: TLSv1, TLSv1.1
> ECDHE-RSA-AES256-SHA384: TLSv1.2
> No further cipher order check has been done as order is determined by the client
> Testing server defaults (Server Hello)
> TLS extensions (standard) "status request/#5" "renegotiation info/#65281" "extended master secret/#23"
> Session Ticket RFC 5077 hint no -- no lifetime advertised
> SSL Session ID support yes
> Session Resumption Tickets no, ID: no
> TLS clock skew +35 sec from localtime
> Signature Algorithm SHA256 with RSA
> Server key size RSA 4096 bits
> Server key usage Digital Signature, Key Encipherment
> Server extended key usage TLS Web Server Authentication, TLS Web Client Authentication
> Serial 59A2D933EDAD0FDDDB44E1E2C77BF602 (OK: length 16)
> Fingerprints SHA1 4734FEF35537BEDC36FF1FA5963EFE182110941E
> SHA256 365F06F785A11D8BC55ED40FD65C0A8F6606F1AF21F379C1D15741E65C4BFBF7
> Common Name (CN) ns0.ovh.net
> subjectAltName (SAN) ns0.ovh.net smtp.mail.ovh.net ssl0.ovh.net
> Issuer Sectigo RSA Domain Validation Secure Server CA (Sectigo Limited from GB)
> Trust (hostname) Ok via SAN (same w/o SNI)
> Chain of trust Ok
> EV cert (experimental) no
> ETS/"eTLS", visibility info not present
> Certificate Validity (UTC) 258 >= 60 days (2022-08-31 00:00 --> 2023-08-31 23:59)
> # of certificates provided 2
> Certificate Revocation List --
> OCSP URI http://ocsp.sectigo.com
> OCSP stapling offered, not revoked
> OCSP must staple extension --
> DNS CAA RR (experimental) not offered
> Certificate Transparency yes (certificate extension)
> Testing vulnerabilities
> Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension
> CCS (CVE-2014-0224) not vulnerable (OK)
> Ticketbleed (CVE-2016-9244), experiment. -- (applicable only for HTTPS)
> ROBOT not vulnerable (OK)
> Secure Renegotiation (RFC 5746) supported (OK)
> Secure Client-Initiated Renegotiation VULNERABLE (NOT ok), potential DoS threat
> CRIME, TLS (CVE-2012-4929) not vulnerable (OK) (not using HTTP anyway)
> POODLE, SSL (CVE-2014-3566) not vulnerable (OK), no SSLv3 support
> TLS_FALLBACK_SCSV (RFC 7507) Rerun including POODLE SSL check. Downgrade attack prevention NOT supported
> SWEET32 (CVE-2016-2183, CVE-2016-6329) VULNERABLE, uses 64 bit block ciphers
> FREAK (CVE-2015-0204) not vulnerable (OK)
> DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)
> make sure you don't use this certificate elsewhere with SSLv2 enabled services
> https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=365F06F785A11D8BC55ED40FD65C0A8F6606F1AF21F379C1D15741E65C4BFBF7
> LOGJAM (CVE-2015-4000), experimental not vulnerable (OK): no DH EXPORT ciphers, no DH key detected with <= TLS 1.2
> BEAST (CVE-2011-3389) TLS1: ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA AES256-SHA AES128-SHA DES-CBC3-SHA
> DHE-RSA-AES256-SHA
> VULNERABLE -- but also supports higher protocols TLSv1.1 TLSv1.2 (likely mitigated)
> LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches
> RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)
> Testing 370 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength
> Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (IANA/RFC)
> -----------------------------------------------------------------------------------------------------------------------------
> xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
> xc028 ECDHE-RSA-AES256-SHA384 ECDH 521 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
> xc014 ECDHE-RSA-AES256-SHA ECDH 521 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
> x9f DHE-RSA-AES256-GCM-SHA384 DH 2048 AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> x9d AES256-GCM-SHA384 RSA AESGCM 256 TLS_RSA_WITH_AES_256_GCM_SHA384
> x3d AES256-SHA256 RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA256
> x35 AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA
> xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
> xc027 ECDHE-RSA-AES128-SHA256 ECDH 521 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
> xc013 ECDHE-RSA-AES128-SHA ECDH 521 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
> x9e DHE-RSA-AES128-GCM-SHA256 DH 2048 AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
> x9c AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256
> x3c AES128-SHA256 RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA256
> x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
> x0a DES-CBC3-SHA RSA 3DES 168 TLS_RSA_WITH_3DES_EDE_CBC_SHA
> Could not determine the protocol, only simulating generic clients.
> Running client simulations via sockets
> Android 6.0 TLSv1.2 ECDHE-RSA-AES256-SHA, 384 bit ECDH (P-384)
> Android 7.0 (native) TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 256 bit ECDH (P-256)
> Android 8.1 (native) TLSv1.2 ECDHE-RSA-AES256-SHA, 384 bit ECDH (P-384)
> Android 9.0 (native) TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 384 bit ECDH (P-384)
> Android 10.0 (native) TLSv1.2 ECDHE-RSA-AES256-SHA, 384 bit ECDH (P-384)
> Android 11 (native) TLSv1.2 ECDHE-RSA-AES256-SHA, 384 bit ECDH (P-384)
> Android 12 (native) TLSv1.2 ECDHE-RSA-AES256-SHA, 384 bit ECDH (P-384)
> Chrome 79 (Win 10) TLSv1.2 ECDHE-RSA-AES256-SHA, 384 bit ECDH (P-384)
> Chrome 101 (Win 10) TLSv1.2 ECDHE-RSA-AES256-SHA, 384 bit ECDH (P-384)
> Firefox 66 (Win 8.1/10) TLSv1.2 ECDHE-RSA-AES256-SHA, 521 bit ECDH (P-521)
> Firefox 100 (Win 10) TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 384 bit ECDH (P-384)
> IE 6 XP No connection
> IE 8 Win 7 TLSv1.0 ECDHE-RSA-AES256-SHA, 384 bit ECDH (P-384)
> IE 8 XP TLSv1.0 DES-CBC3-SHA, No FS
> IE 11 Win 7 TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 2048 bit DH (ffdhe2048)
> IE 11 Win 8.1 TLSv1.2 ECDHE-RSA-AES256-SHA384, 384 bit ECDH (P-384)
> IE 11 Win Phone 8.1 TLSv1.2 ECDHE-RSA-AES256-SHA, 384 bit ECDH (P-384)
> IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES256-SHA384, 384 bit ECDH (P-384)
> Edge 15 Win 10 TLSv1.2 ECDHE-RSA-AES256-SHA384, 384 bit ECDH (P-384)
> Edge 101 Win 10 21H2 TLSv1.2 ECDHE-RSA-AES256-SHA, 384 bit ECDH (P-384)
> Safari 12.1 (iOS 12.2) TLSv1.2 ECDHE-RSA-AES256-SHA384, 521 bit ECDH (P-521)
> Safari 13.0 (macOS 10.14.6) TLSv1.2 ECDHE-RSA-AES256-SHA384, 521 bit ECDH (P-521)
> Safari 15.4 (macOS 12.3.1) TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 384 bit ECDH (P-384)
> Java 7u25 TLSv1.0 ECDHE-RSA-AES128-SHA, 521 bit ECDH (P-521)
> Java 8u161 TLSv1.2 ECDHE-RSA-AES256-SHA384, 521 bit ECDH (P-521)
> Java 11.0.2 (OpenJDK) TLSv1.2 ECDHE-RSA-AES256-SHA384, 521 bit ECDH (P-521)
> Java 17.0.3 (OpenJDK) TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 384 bit ECDH (P-384)
> go 1.17.8 TLSv1.2 ECDHE-RSA-AES256-SHA, 521 bit ECDH (P-521)
> LibreSSL 2.8.3 (Apple) TLSv1.2 ECDHE-RSA-AES256-SHA384, 384 bit ECDH (P-384)
> OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES256-SHA384, 521 bit ECDH (P-521)
> OpenSSL 1.1.0l (Debian) TLSv1.2 ECDHE-RSA-AES256-SHA384, 521 bit ECDH (P-521)
> OpenSSL 1.1.1d (Debian) TLSv1.2 ECDHE-RSA-AES256-SHA384, 521 bit ECDH (P-521)
> OpenSSL 3.0.3 (git) TLSv1.2 ECDHE-RSA-AES256-SHA384, 521 bit ECDH (P-521)
> Apple Mail (16.0) TLSv1.2 ECDHE-RSA-AES256-SHA384, 521 bit ECDH (P-521)
> Thunderbird (91.9) TLSv1.2 ECDHE-RSA-AES256-SHA, 521 bit ECDH (P-521)
> Done 2022-12-16 12:14:34 [ 176s] -->> 193.70.18.144:465 (ssl0.ovh.net) <<--
Bonjour à vous deux,
@PascalM22 la dernière réponse apportée vous a t'elle permis de résoudre la problématique?
^FabL