Reputation: 169
"SSL: WRONG_VERSION_NUMBER" when use AWS SES SMTP server in GCP Composer Airflow
I am using GCP Composer (Airflow) to run some scheduled tasks. And using AWS SES SMTP server to send notification email.
According to GCP Composer's document,
https://cloud.google.com/composer/docs/secret-manager#configuring_your_environment_with and https://cloud.google.com/composer/docs/configure-email#configure_third-party_smtp_services, I set the Airflow configuration overrides as below
secrets
backend airflow.providers.google.cloud.secrets.secret_manager.CloudSecretManagerBackend
smtp
smtp_port 587
smtp_mail_from ...
smtp_host email-smtp.us-west-1.amazonaws.com
smtp_starttls True
smtp_password_secret smtp-password
smtp_ssl True
smtp_user ...
email
email_backend airflow.utils.email.send_email_smtp
Airflow has an error when send out the email:
Traceback (most recent call last)
File "/usr/local/lib/airflow/airflow/models/taskinstance.py", line 1476, in email_aler
send_email(self.task.email, subject, html_content
File "/usr/local/lib/airflow/airflow/utils/email.py", line 62, in send_emai
mime_subtype=mime_subtype, mime_charset=mime_charset, **kwargs
File "/usr/local/lib/airflow/airflow/utils/email.py", line 108, in send_email_smt
send_MIME_email(smtp_mail_from, recipients, msg, dryrun
File "/usr/local/lib/airflow/airflow/utils/email.py", line 127, in send_MIME_emai
s = smtplib.SMTP_SSL(SMTP_HOST, SMTP_PORT) if SMTP_SSL else smtplib.SMTP(SMTP_HOST, SMTP_PORT
File "/opt/python3.6/lib/python3.6/smtplib.py", line 1031, in __init_
source_address
File "/opt/python3.6/lib/python3.6/smtplib.py", line 251, in __init_
(code, msg) = self.connect(host, port
File "/opt/python3.6/lib/python3.6/smtplib.py", line 336, in connec
self.sock = self._get_socket(host, port, self.timeout
File "/opt/python3.6/lib/python3.6/smtplib.py", line 1039, in _get_socke
server_hostname=self._host
File "/opt/python3.6/lib/python3.6/ssl.py", line 407, in wrap_socke
_context=self, _session=session
File "/opt/python3.6/lib/python3.6/ssl.py", line 817, in __init_
self.do_handshake(
File "/opt/python3.6/lib/python3.6/ssl.py", line 1077, in do_handshak
self._sslobj.do_handshake(
File "/opt/python3.6/lib/python3.6/ssl.py", line 689, in do_handshak
self._sslobj.do_handshake(
ssl.SSLError: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:852
How to solve this WRONG_VERSION_NUMBER error?
Upvotes: 1
Views: 1677
Answers (2)
Reputation: 81444
There are two solutions (implement only one):
- Change smtp_port to 465.
- Change smtp_ssl True to smtp_starttls True and leave the port at 587.
AWS SES port 587 starts unencrypted and then enables encryption via the STARTTLS command.
AWS SES port 465 starts encrypted and is a best practice.
Cloud Composer Configure third-party SMTP services
Connecting to an Amazon SES SMTP endpoint
Upvotes: 1
Reputation: 169
The AWS SES SMTP has problem when enable SSL on port 587. It need to disable SSL to work on port 587.
Just set smtp_ssl to False in Airflow's configuration setting.
Upvotes: 1
Related Questions
- GCP command to retrieve an SMTP Password for airflow
- Apache Airflow/Composer : how to connect to https using http connector with untrusted certificate
- How to send email via AWS SES from Google AppScript
- Google cloud HTTPs ERR_SSL_VERSION_OR_CIPHER_MISMATCH
- "Authentication Credentials Invalid" when setup GCP Composer(Airflow) SMTP server
- AWS SES could not send the email, got 550 error
- How to change or override smtp_password for Google Composer Airflow
- Getting error while sending email from GCP composer airflow
- AWS SES with GMail (sending only)
- SES port is blocked in GCP